From patchwork Tue Jul 20 14:46:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 481554 Delivered-To: patch@linaro.org Received: by 2002:a02:c94a:0:0:0:0:0 with SMTP id u10csp5248333jao; Tue, 20 Jul 2021 08:39:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzgPnymxoaLNoeoSR7pzc7qiRmw2E9k+PmH2wvW0DdPjGVsNJOfIwd3bwG5SodGy7P9Uq1g X-Received: by 2002:a05:6402:37a:: with SMTP id s26mr42416630edw.114.1626795574770; Tue, 20 Jul 2021 08:39:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1626795574; cv=none; d=google.com; s=arc-20160816; b=RUcZ08RJjAw//pk2oY2VA8+vYTGbtgFE6qiS9FpzVw7I/eRgpAsZOe+3by0vyvrM2C sTopGzuO/N3T39cO31yBhc42tdfY3CIFwmMhd4Wr0+/kJjeo9I55H7bBSJ6uVYOVUL3w HJwK3uIH5KQVCRYKnrVPYDV4b2unRVgpI1xUqk1OMO6a0GxKRe6/T6es8OjA1ahPcuNs X1XKjVhJZEnqBb7tJ2ljjDvy+6FL8Gz23dhYalxLtkEQN11Km7mMDDFiOce+ccxYffjF JLCpnuxTCjPhDbNUDaqSIXNsSXUn+eknSGbunBLH8WCeVnYYr1v4jI3acaSBtI1d0GiF 60UA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=jJr3wcMwPKrT5OWZ9ZNV9D0t6Qu4bPHA9glmiX0UJ10=; b=PN66HQn3eJxHf0Xpzqy7jv9dco2+3JP0P/Kky4r/Z29pfiwuZjiAE3og6GY+egWLRx 3iSE+T+CadeLe4x1DpXJ0gHTWHZr+JiiYgzeoJ34nAq9H3jZn/8Iy760sotdwH95USM+ IHkzIMklfpAmUqeURx/nqQZwusjDAxE9JEbNd3OestJz4svhhbgGXpSdaglEBXjsAq3x 31RQm5VSYP+sHZRKgH1XphmgFgQ73SrUXj3Cvfdtf/SToxutNCaIGwoP5QZpRi8fFrxb nI5A9+Pj04TI6sJoYLi7kcWUremMtCr2baSDA1tNz1peNSmvj9ZmHewUdupU+rwyDlI5 PacA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GaxLMhhh; spf=pass (google.com: domain of netdev-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=netdev-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b7si160517edd.497.2021.07.20.08.39.34; Tue, 20 Jul 2021 08:39:34 -0700 (PDT) Received-SPF: pass (google.com: domain of netdev-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GaxLMhhh; spf=pass (google.com: domain of netdev-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=netdev-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237209AbhGTOxK (ORCPT + 8 others); Tue, 20 Jul 2021 10:53:10 -0400 Received: from mail.kernel.org ([198.145.29.99]:35608 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239787AbhGTO2q (ORCPT ); Tue, 20 Jul 2021 10:28:46 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 2BA486120E; Tue, 20 Jul 2021 14:46:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1626792414; bh=HeCjumant9zOvemF66btOBepei7KoaQ2+NpoLeowync=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=GaxLMhhhtY0KpAhasVtrop/3exOfrnlufC9oWj+xq4p1rJP+sWZ+1kQaqBq2uL/ql VMnsW0CbjwOBXkBnJ4s5zK+SHb1FBpxRV3dVs/KhzxwFqCbtoYGqAx4qapIytOYSqb b0jZi2ESpbQO2F0pD6mE2R7BcR/fBcBqMMH7bAeWB/08GhJ7JpnQ2adMS9C/U7HmVE h3r5SH1XR5KeOjKwkhjOO06KKrIFNKRkn0LhjKhmNlH21Hz3jcxj1GGRoPt/lNEvZ0 bW4KdmJyXgdZirYwCRgW10lAFjYL4LtbMqv0KuDLap/2OyHTsjpxVaqbcPjSHDUEI2 ToTeCN0U7beiQ== From: Arnd Bergmann To: netdev@vger.kernel.org Cc: Christoph Hellwig , Arnd Bergmann Subject: [PATCH net-next v2 02/31] staging: rtlwifi: use siocdevprivate Date: Tue, 20 Jul 2021 16:46:09 +0200 Message-Id: <20210720144638.2859828-3-arnd@kernel.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210720144638.2859828-1-arnd@kernel.org> References: <20210720144638.2859828-1-arnd@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Arnd Bergmann rtl8188eu has an "android private" ioctl command multiplexer that is not currently safe for use in compat mode because of its triple-indirect pointer. rtl8723bs uses a different interface on the SIOCDEVPRIVATE command, based on the iwpriv data structure Both also have normal unreachable iwpriv commands, and all of the above should probably just get removed. For the moment, just switch over to the new interface. Signed-off-by: Arnd Bergmann --- drivers/staging/rtl8188eu/include/osdep_intf.h | 2 ++ .../staging/rtl8188eu/include/rtw_android.h | 3 ++- drivers/staging/rtl8188eu/os_dep/ioctl_linux.c | 3 --- drivers/staging/rtl8188eu/os_dep/os_intfs.c | 1 + drivers/staging/rtl8188eu/os_dep/rtw_android.c | 14 +++++++++++--- drivers/staging/rtl8723bs/include/osdep_intf.h | 2 ++ drivers/staging/rtl8723bs/os_dep/ioctl_linux.c | 18 +++++++++++++++--- drivers/staging/rtl8723bs/os_dep/os_intfs.c | 1 + 8 files changed, 34 insertions(+), 10 deletions(-) -- 2.29.2 diff --git a/drivers/staging/rtl8188eu/include/osdep_intf.h b/drivers/staging/rtl8188eu/include/osdep_intf.h index 5012b9176526..34decb03e92f 100644 --- a/drivers/staging/rtl8188eu/include/osdep_intf.h +++ b/drivers/staging/rtl8188eu/include/osdep_intf.h @@ -22,6 +22,8 @@ void rtw_stop_drv_threads(struct adapter *padapter); void rtw_cancel_all_timer(struct adapter *padapter); int rtw_ioctl(struct net_device *dev, struct ifreq *rq, int cmd); +int rtw_android_priv_cmd(struct net_device *dev, struct ifreq *rq, + void __user *data, int cmd); struct net_device *rtw_init_netdev(void); u16 rtw_recv_select_queue(struct sk_buff *skb); diff --git a/drivers/staging/rtl8188eu/include/rtw_android.h b/drivers/staging/rtl8188eu/include/rtw_android.h index 2c26993b8205..3018fc1e8de8 100644 --- a/drivers/staging/rtl8188eu/include/rtw_android.h +++ b/drivers/staging/rtl8188eu/include/rtw_android.h @@ -45,6 +45,7 @@ enum ANDROID_WIFI_CMD { ANDROID_WIFI_CMD_MAX }; -int rtw_android_priv_cmd(struct net_device *net, struct ifreq *ifr, int cmd); +int rtw_android_priv_cmd(struct net_device *net, struct ifreq *ifr, + void __user *data, int cmd); #endif /* __RTW_ANDROID_H__ */ diff --git a/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c b/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c index b958a8d882b0..193a3dde462c 100644 --- a/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c +++ b/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c @@ -2769,9 +2769,6 @@ int rtw_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) ret = rtw_hostapd_ioctl(dev, &wrq->u.data); break; #endif /* CONFIG_88EU_AP_MODE */ - case (SIOCDEVPRIVATE + 1): - ret = rtw_android_priv_cmd(dev, rq, cmd); - break; default: ret = -EOPNOTSUPP; break; diff --git a/drivers/staging/rtl8188eu/os_dep/os_intfs.c b/drivers/staging/rtl8188eu/os_dep/os_intfs.c index 423c382e3d20..596e03e7b286 100644 --- a/drivers/staging/rtl8188eu/os_dep/os_intfs.c +++ b/drivers/staging/rtl8188eu/os_dep/os_intfs.c @@ -288,6 +288,7 @@ static const struct net_device_ops rtw_netdev_ops = { .ndo_set_mac_address = rtw_net_set_mac_address, .ndo_get_stats = rtw_net_get_stats, .ndo_do_ioctl = rtw_ioctl, + .ndo_siocdevprivate = rtw_android_priv_cmd, }; static const struct device_type wlan_type = { diff --git a/drivers/staging/rtl8188eu/os_dep/rtw_android.c b/drivers/staging/rtl8188eu/os_dep/rtw_android.c index 3c5446999686..a13df3880378 100644 --- a/drivers/staging/rtl8188eu/os_dep/rtw_android.c +++ b/drivers/staging/rtl8188eu/os_dep/rtw_android.c @@ -5,6 +5,7 @@ * ******************************************************************************/ +#include #include #include @@ -116,7 +117,8 @@ static int android_get_p2p_addr(struct net_device *net, char *command, return ETH_ALEN; } -int rtw_android_priv_cmd(struct net_device *net, struct ifreq *ifr, int cmd) +int rtw_android_priv_cmd(struct net_device *net, struct ifreq *ifr, + void __user *data, int cmd) { int ret = 0; char *command; @@ -124,9 +126,15 @@ int rtw_android_priv_cmd(struct net_device *net, struct ifreq *ifr, int cmd) int bytes_written = 0; struct android_wifi_priv_cmd priv_cmd; - if (!ifr->ifr_data) + if (cmd != SIOCDEVPRIVATE) + return -EOPNOTSUPP; + + if (in_compat_syscall()) /* to be implemented */ + return -EOPNOTSUPP; + + if (!data) return -EINVAL; - if (copy_from_user(&priv_cmd, ifr->ifr_data, sizeof(priv_cmd))) + if (copy_from_user(&priv_cmd, data, sizeof(priv_cmd))) return -EFAULT; if (priv_cmd.total_len < 1) return -EINVAL; diff --git a/drivers/staging/rtl8723bs/include/osdep_intf.h b/drivers/staging/rtl8723bs/include/osdep_intf.h index 111e0179712a..5badd441c14b 100644 --- a/drivers/staging/rtl8723bs/include/osdep_intf.h +++ b/drivers/staging/rtl8723bs/include/osdep_intf.h @@ -48,6 +48,8 @@ void rtw_stop_drv_threads(struct adapter *padapter); void rtw_cancel_all_timer(struct adapter *padapter); int rtw_ioctl(struct net_device *dev, struct ifreq *rq, int cmd); +int rtw_siocdevprivate(struct net_device *dev, struct ifreq *rq, + void __user *data, int cmd); int rtw_init_netdev_name(struct net_device *pnetdev, const char *ifname); struct net_device *rtw_init_netdev(struct adapter *padapter); diff --git a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c index f95000df8942..aa7bd76bb5f1 100644 --- a/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c +++ b/drivers/staging/rtl8723bs/os_dep/ioctl_linux.c @@ -4485,6 +4485,21 @@ static int rtw_ioctl_wext_private(struct net_device *dev, union iwreq_data *wrq_ return err; } +int rtw_siocdevprivate(struct net_device *dev, struct ifreq *rq, + void __user *data, int cmd) +{ + struct iwreq *wrq = (struct iwreq *)rq; + + /* little hope of fixing this, better remove the whole function */ + if (in_compat_syscall()) + return -EOPNOTSUPP; + + if (cmd != SIOCDEVPRIVATE) + return -EOPNOTSUPP; + + return rtw_ioctl_wext_private(dev, &wrq->u); +} + int rtw_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) { struct iwreq *wrq = (struct iwreq *)rq; @@ -4497,9 +4512,6 @@ int rtw_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) case RTL_IOCTL_HOSTAPD: ret = rtw_hostapd_ioctl(dev, &wrq->u.data); break; - case SIOCDEVPRIVATE: - ret = rtw_ioctl_wext_private(dev, &wrq->u); - break; default: ret = -EOPNOTSUPP; break; diff --git a/drivers/staging/rtl8723bs/os_dep/os_intfs.c b/drivers/staging/rtl8723bs/os_dep/os_intfs.c index 648456b992bb..9e38b53d3b4a 100644 --- a/drivers/staging/rtl8723bs/os_dep/os_intfs.c +++ b/drivers/staging/rtl8723bs/os_dep/os_intfs.c @@ -459,6 +459,7 @@ static const struct net_device_ops rtw_netdev_ops = { .ndo_set_mac_address = rtw_net_set_mac_address, .ndo_get_stats = rtw_net_get_stats, .ndo_do_ioctl = rtw_ioctl, + .ndo_siocdevprivate = rtw_siocdevprivate, }; int rtw_init_netdev_name(struct net_device *pnetdev, const char *ifname)