#include <linux/slab.h>
#include <linux/string.h>
#include <linux/miscdevice.h>
+#include <linux/smp_lock.h>
#include <linux/init.h>
#include <linux/fs.h>
#include <asm/oplib.h>
* structure will be placed in "*opp_p". Return value is the length
* of the user supplied buffer.
*/
-static int copyin(struct openpromio *info, struct openpromio **opp_p)
+static int copyin(struct openpromio __user *info, struct openpromio **opp_p)
{
unsigned int bufsize;
return bufsize;
}
-static int getstrings(struct openpromio *info, struct openpromio **opp_p)
+static int getstrings(struct openpromio __user *info, struct openpromio **opp_p)
{
int n, bufsize;
char c;
/*
* Copy an openpromio structure in kernel space back to user space.
*/
-static int copyout(void *info, struct openpromio *opp, int len)
+static int copyout(void __user *info, struct openpromio *opp, int len)
{
if (copy_to_user(info, opp, len))
return -EFAULT;
char buffer[OPROMMAXPARAM+1], *buf;
struct openpromio *opp;
int bufsize, len, error = 0;
- extern char saved_command_line[];
static int cnt;
+ void __user *argp = (void __user *)arg;
if (cmd == OPROMSETOPT)
- bufsize = getstrings((void *)arg, &opp);
+ bufsize = getstrings(argp, &opp);
else
- bufsize = copyin((void *)arg, &opp);
+ bufsize = copyin(argp, &opp);
if (bufsize < 0)
return bufsize;
len = prom_getproplen(node, opp->oprom_array);
if (len <= 0 || len > bufsize) {
- error = copyout((void *)arg, opp, sizeof(int));
+ error = copyout(argp, opp, sizeof(int));
break;
}
opp->oprom_array[len] = '\0';
opp->oprom_size = len;
- error = copyout((void *)arg, opp, sizeof(int) + bufsize);
+ error = copyout(argp, opp, sizeof(int) + bufsize);
break;
case OPROMNXTOPT:
len = strlen(buf);
if (len == 0 || len + 1 > bufsize) {
- error = copyout((void *)arg, opp, sizeof(int));
+ error = copyout(argp, opp, sizeof(int));
break;
}
opp->oprom_array[len] = '\0';
opp->oprom_size = ++len;
- error = copyout((void *)arg, opp, sizeof(int) + bufsize);
+ error = copyout(argp, opp, sizeof(int) + bufsize);
break;
case OPROMSETOPT:
*((int *)opp->oprom_array) = node;
opp->oprom_size = sizeof(int);
- error = copyout((void *)arg, opp, bufsize + sizeof(int));
+ error = copyout(argp, opp, bufsize + sizeof(int));
break;
case OPROMPCI2NODE:
data->current_node = node;
*((int *)opp->oprom_array) = node;
opp->oprom_size = sizeof(int);
- error = copyout((void *)arg, opp, bufsize + sizeof(int));
+ error = copyout(argp, opp, bufsize + sizeof(int));
}
#endif
}
*((int *)opp->oprom_array) = node;
opp->oprom_size = sizeof(int);
- error = copyout((void *)arg, opp, bufsize + sizeof(int));
+ error = copyout(argp, opp, bufsize + sizeof(int));
break;
case OPROMGETBOOTARGS:
strcpy(opp->oprom_array, buf);
opp->oprom_size = len;
- error = copyout((void *)arg, opp, bufsize + sizeof(int));
+ error = copyout(argp, opp, bufsize + sizeof(int));
break;
case OPROMU2P:
}
/* Copy in a whole string from userspace into kernelspace. */
-static int copyin_string(char *user, size_t len, char **ptr)
+static int copyin_string(char __user *user, size_t len, char **ptr)
{
char *tmp;
unsigned int cmd, unsigned long arg)
{
DATA *data = (DATA *) file->private_data;
+ void __user *argp = (void __user *)arg;
struct opiocdesc op;
int error, node, len;
char *str, *tmp;
switch (cmd) {
case OPIOCGET:
- if (copy_from_user(&op, (void *)arg, sizeof(op)))
+ if (copy_from_user(&op, argp, sizeof(op)))
return -EFAULT;
if (!goodnode(op.op_nodeid,data))
if (len <= 0) {
kfree(str);
/* Verified by the above copy_from_user */
- if (__copy_to_user((void *)arg, &op,
+ if (__copy_to_user(argp, &op,
sizeof(op)))
return -EFAULT;
return 0;
return -ENOMEM;
}
- prom_getproperty(op.op_nodeid, str, tmp, len);
-
- tmp[len] = '\0';
+ cnt = prom_getproperty(op.op_nodeid, str, tmp, len);
+ if (cnt <= 0) {
+ error = -EINVAL;
+ } else {
+ tmp[len] = '\0';
- if (__copy_to_user((void *)arg, &op, sizeof(op)) != 0
- || copy_to_user(op.op_buf, tmp, len) != 0)
- error = -EFAULT;
+ if (__copy_to_user(argp, &op, sizeof(op)) != 0 ||
+ copy_to_user(op.op_buf, tmp, len) != 0)
+ error = -EFAULT;
+ }
kfree(tmp);
kfree(str);
return error;
case OPIOCNEXTPROP:
- if (copy_from_user(&op, (void *)arg, sizeof(op)))
+ if (copy_from_user(&op, argp, sizeof(op)))
return -EFAULT;
if (!goodnode(op.op_nodeid,data))
len = op.op_buflen = 0;
}
- error = verify_area(VERIFY_WRITE, (void *)arg, sizeof(op));
- if (error) {
+ if (!access_ok(VERIFY_WRITE, argp, sizeof(op))) {
kfree(str);
- return error;
+ return -EFAULT;
}
- error = verify_area(VERIFY_WRITE, op.op_buf, len);
- if (error) {
+ if (!access_ok(VERIFY_WRITE, op.op_buf, len)) {
kfree(str);
- return error;
+ return -EFAULT;
}
- error = __copy_to_user((void *)arg, &op, sizeof(op));
+ error = __copy_to_user(argp, &op, sizeof(op));
if (!error) error = __copy_to_user(op.op_buf, tmp, len);
kfree(str);
return error;
case OPIOCSET:
- if (copy_from_user(&op, (void *)arg, sizeof(op)))
+ if (copy_from_user(&op, argp, sizeof(op)))
return -EFAULT;
if (!goodnode(op.op_nodeid,data))
return 0;
case OPIOCGETOPTNODE:
- if (copy_to_user((void *)arg, &options_node, sizeof(int)))
+ if (copy_to_user(argp, &options_node, sizeof(int)))
return -EFAULT;
return 0;
case OPIOCGETNEXT:
case OPIOCGETCHILD:
- if (copy_from_user(&node, (void *)arg, sizeof(int)))
+ if (copy_from_user(&node, argp, sizeof(int)))
return -EFAULT;
if (cmd == OPIOCGETNEXT)
else
node = __prom_getchild(node);
- if (__copy_to_user((void *)arg, &node, sizeof(int)))
+ if (__copy_to_user(argp, &node, sizeof(int)))
return -EFAULT;
return 0;
}
}
+static long openprom_compat_ioctl(struct file *file, unsigned int cmd,
+ unsigned long arg)
+{
+ long rval = -ENOTTY;
+
+ /*
+ * SunOS/Solaris only, the NetBSD one's have embedded pointers in
+ * the arg which we'd need to clean up...
+ */
+ switch (cmd) {
+ case OPROMGETOPT:
+ case OPROMSETOPT:
+ case OPROMNXTOPT:
+ case OPROMSETOPT2:
+ case OPROMNEXT:
+ case OPROMCHILD:
+ case OPROMGETPROP:
+ case OPROMNXTPROP:
+ case OPROMU2P:
+ case OPROMGETCONS:
+ case OPROMGETFBNAME:
+ case OPROMGETBOOTARGS:
+ case OPROMSETCUR:
+ case OPROMPCI2NODE:
+ case OPROMPATH2NODE:
+ lock_kernel();
+ rval = openprom_ioctl(file->f_dentry->d_inode, file, cmd, arg);
+ lock_kernel();
+ break;
+ }
+
+ return rval;
+}
+
static int openprom_open(struct inode * inode, struct file * file)
{
DATA *data;
.owner = THIS_MODULE,
.llseek = no_llseek,
.ioctl = openprom_ioctl,
+ .compat_ioctl = openprom_compat_ioctl,
.open = openprom_open,
.release = openprom_release,
};
git://git.onelab.eu / linux-2.6.git / blobdiff