+static __attribute__((noinline)) int
+ifioctl_nat64prefix(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ struct if_nat64req *ifnat64 = (struct if_nat64req *)(void *)data;
+ int error = 0;
+
+ VERIFY(ifp != NULL);
+
+ switch (cmd) {
+ case SIOCSIFNAT64PREFIX: /* struct if_nat64req */
+ error = ifnet_set_nat64prefix(ifp, ifnat64->ifnat64_prefixes);
+ if (error != 0) {
+ ip6stat.ip6s_clat464_plat64_pfx_setfail++;
+ }
+ break;
+
+ case SIOCGIFNAT64PREFIX: /* struct if_nat64req */
+ error = ifnet_get_nat64prefix(ifp, ifnat64->ifnat64_prefixes);
+ if (error != 0) {
+ ip6stat.ip6s_clat464_plat64_pfx_getfail++;
+ }
+ break;
+
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_clat46addr(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ struct if_clat46req *ifclat46 = (struct if_clat46req *)(void *)data;
+ struct in6_ifaddr *ia6_clat = NULL;
+ int error = 0;
+
+ VERIFY(ifp != NULL);
+
+ switch (cmd) {
+ case SIOCGIFCLAT46ADDR:
+ ia6_clat = in6ifa_ifpwithflag(ifp, IN6_IFF_CLAT46);
+ if (ia6_clat == NULL) {
+ error = ENOENT;
+ break;
+ }
+
+ bcopy(&ia6_clat->ia_addr.sin6_addr, &ifclat46->ifclat46_addr.v6_address,
+ sizeof(ifclat46->ifclat46_addr.v6_address));
+ ifclat46->ifclat46_addr.v6_prefixlen = ia6_clat->ia_plen;
+ IFA_REMREF(&ia6_clat->ia_ifa);
+ break;
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+
+static int
+ifioctl_get_protolist(struct ifnet *ifp, u_int32_t * ret_count,
+ user_addr_t ifpl)
+{
+ u_int32_t actual_count;
+ u_int32_t count;
+ int error = 0;
+ u_int32_t *list = NULL;
+
+ /* find out how many */
+ count = if_get_protolist(ifp, NULL, 0);
+ if (ifpl == USER_ADDR_NULL) {
+ goto done;
+ }
+
+ /* copy out how many there's space for */
+ if (*ret_count < count) {
+ count = *ret_count;
+ }
+ if (count == 0) {
+ goto done;
+ }
+ list = _MALLOC(count * sizeof(*list), M_TEMP, M_WAITOK | M_ZERO);
+ if (list == NULL) {
+ error = ENOMEM;
+ goto done;
+ }
+ actual_count = if_get_protolist(ifp, list, count);
+ if (actual_count < count) {
+ count = actual_count;
+ }
+ if (count != 0) {
+ error = copyout((caddr_t)list, ifpl, count * sizeof(*list));
+ }
+
+done:
+ if (list != NULL) {
+ if_free_protolist(list);
+ }
+ *ret_count = count;
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_protolist(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ int error = 0;
+
+ switch (cmd) {
+ case SIOCGIFPROTOLIST32: { /* struct if_protolistreq32 */
+ struct if_protolistreq32 ifpl;
+
+ bcopy(data, &ifpl, sizeof(ifpl));
+ if (ifpl.ifpl_reserved != 0) {
+ error = EINVAL;
+ break;
+ }
+ error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count,
+ CAST_USER_ADDR_T(ifpl.ifpl_list));
+ bcopy(&ifpl, data, sizeof(ifpl));
+ break;
+ }
+ case SIOCGIFPROTOLIST64: { /* struct if_protolistreq64 */
+ struct if_protolistreq64 ifpl;
+
+ bcopy(data, &ifpl, sizeof(ifpl));
+ if (ifpl.ifpl_reserved != 0) {
+ error = EINVAL;
+ break;
+ }
+ error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count,
+ ifpl.ifpl_list);
+ bcopy(&ifpl, data, sizeof(ifpl));
+ break;
+ }
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+/*
+ * List the ioctl()s we can perform on restricted INTCOPROC interfaces.
+ */
+static bool
+ifioctl_restrict_intcoproc(unsigned long cmd, const char *ifname,
+ struct ifnet *ifp, struct proc *p)
+{
+ if (intcoproc_unrestricted == TRUE) {
+ return false;
+ }
+ if (proc_pid(p) == 0) {
+ return false;
+ }
+ if (ifname) {
+ ifp = ifunit(ifname);
+ }
+ if (ifp == NULL) {
+ return false;
+ }
+ if (!IFNET_IS_INTCOPROC(ifp)) {
+ return false;
+ }
+ switch (cmd) {
+ case SIOCGIFBRDADDR:
+ case SIOCGIFCONF32:
+ case SIOCGIFCONF64:
+ case SIOCGIFFLAGS:
+ case SIOCGIFEFLAGS:
+ case SIOCGIFCAP:
+ case SIOCGIFMETRIC:
+ case SIOCGIFMTU:
+ case SIOCGIFPHYS:
+ case SIOCGIFTYPE:
+ case SIOCGIFFUNCTIONALTYPE:
+ case SIOCGIFPSRCADDR:
+ case SIOCGIFPDSTADDR:
+ case SIOCGIFGENERIC:
+ case SIOCGIFDEVMTU:
+ case SIOCGIFVLAN:
+ case SIOCGIFBOND:
+ case SIOCGIFWAKEFLAGS:
+ case SIOCGIFGETRTREFCNT:
+ case SIOCGIFOPPORTUNISTIC:
+ case SIOCGIFLINKQUALITYMETRIC:
+ case SIOCGIFLOG:
+ case SIOCGIFDELEGATE:
+ case SIOCGIFEXPENSIVE:
+ case SIOCGIFINTERFACESTATE:
+ case SIOCGIFPROBECONNECTIVITY:
+ case SIOCGIFTIMESTAMPENABLED:
+ case SIOCGECNMODE:
+ case SIOCGQOSMARKINGMODE:
+ case SIOCGQOSMARKINGENABLED:
+ case SIOCGIFLOWINTERNET:
+ case SIOCGIFSTATUS:
+ case SIOCGIFMEDIA32:
+ case SIOCGIFMEDIA64:
+ case SIOCGIFXMEDIA32:
+ case SIOCGIFXMEDIA64:
+ case SIOCGIFDESC:
+ case SIOCGIFLINKPARAMS:
+ case SIOCGIFQUEUESTATS:
+ case SIOCGIFTHROTTLE:
+ case SIOCGIFAGENTIDS32:
+ case SIOCGIFAGENTIDS64:
+ case SIOCGIFNETSIGNATURE:
+ case SIOCGIFINFO_IN6:
+ case SIOCGIFAFLAG_IN6:
+ case SIOCGNBRINFO_IN6:
+ case SIOCGIFALIFETIME_IN6:
+ case SIOCGIFNETMASK_IN6:
+ case SIOCGIFPROTOLIST32:
+ case SIOCGIFPROTOLIST64:
+ case SIOCGIFXFLAGS:
+ return false;
+ default:
+#if (DEBUG || DEVELOPMENT)
+ printf("%s: cmd 0x%lx not allowed (pid %u)\n",
+ __func__, cmd, proc_pid(p));
+#endif
+ return true;
+ }
+ return false;
+}
+
+/*
+ * Given a media word, return one suitable for an application
+ * using the original encoding.
+ */
+static int
+compat_media(int media)
+{
+ if (IFM_TYPE(media) == IFM_ETHER && IFM_SUBTYPE(media) > IFM_OTHER) {
+ media &= ~IFM_TMASK;
+ media |= IFM_OTHER;
+ }
+ return media;
+}
+
+static int
+compat_ifmu_ulist(struct ifnet *ifp, u_long cmd, void *data)
+{
+ struct ifmediareq *ifmr = (struct ifmediareq *)data;
+ user_addr_t user_addr;
+ int i;
+ int *media_list = NULL;
+ int error = 0;
+ bool list_modified = false;
+
+ user_addr = (cmd == SIOCGIFMEDIA64) ?
+ ((struct ifmediareq64 *)ifmr)->ifmu_ulist :
+ CAST_USER_ADDR_T(((struct ifmediareq32 *)ifmr)->ifmu_ulist);
+ if (user_addr == USER_ADDR_NULL || ifmr->ifm_count == 0) {
+ return 0;
+ }
+ MALLOC(media_list, int *, ifmr->ifm_count * sizeof(int),
+ M_TEMP, M_WAITOK | M_ZERO);
+ if (media_list == NULL) {
+ os_log_error(OS_LOG_DEFAULT,
+ "%s: %s MALLOC() failed",
+ __func__, ifp->if_xname);
+ error = ENOMEM;
+ goto done;
+ }
+ error = copyin(user_addr, media_list, ifmr->ifm_count * sizeof(int));
+ if (error != 0) {
+ os_log_error(OS_LOG_DEFAULT,
+ "%s: %s copyin() error %d",
+ __func__, ifp->if_xname, error);
+ goto done;
+ }
+ for (i = 0; i < ifmr->ifm_count; i++) {
+ int old_media, new_media;
+
+ old_media = media_list[i];
+
+ new_media = compat_media(old_media);
+ if (new_media == old_media) {
+ continue;
+ }
+ if (if_verbose != 0) {
+ os_log_info(OS_LOG_DEFAULT,
+ "%s: %s converted extended media %08x to compat media %08x",
+ __func__, ifp->if_xname, old_media, new_media);
+ }
+ media_list[i] = new_media;
+ list_modified = true;
+ }
+ if (list_modified) {
+ error = copyout(media_list, user_addr, ifmr->ifm_count * sizeof(int));
+ if (error != 0) {
+ os_log_error(OS_LOG_DEFAULT,
+ "%s: %s copyout() error %d",
+ __func__, ifp->if_xname, error);
+ goto done;
+ }
+ }
+done:
+ if (media_list != NULL) {
+ FREE(media_list, M_TEMP);
+ }
+ return error;
+}
+
+static int
+compat_ifmediareq(struct ifnet *ifp, u_long cmd, void *data)
+{
+ struct ifmediareq *ifmr = (struct ifmediareq *)data;
+ int error;
+
+ ifmr->ifm_active = compat_media(ifmr->ifm_active);
+ ifmr->ifm_current = compat_media(ifmr->ifm_current);
+
+ error = compat_ifmu_ulist(ifp, cmd, data);
+
+ return error;
+}
+
+static int
+ifioctl_get_media(struct ifnet *ifp, struct socket *so, u_long cmd, caddr_t data)
+{
+ int error = 0;
+
+ /*
+ * An ifnet must not implement SIOCGIFXMEDIA as it gets the extended
+ * media subtypes macros from <net/if_media.h>
+ */
+ switch (cmd) {
+ case SIOCGIFMEDIA32:
+ case SIOCGIFXMEDIA32:
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), SIOCGIFMEDIA32, data);
+ break;
+ case SIOCGIFMEDIA64:
+ case SIOCGIFXMEDIA64:
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), SIOCGIFMEDIA64, data);
+ break;
+ }
+ if (if_verbose != 0 && error != 0) {
+ os_log(OS_LOG_DEFAULT, "%s: first ifnet_ioctl(%s, %08lx) error %d",
+ __func__, ifp->if_xname, cmd, error);
+ }
+ if (error == 0 && (cmd == SIOCGIFMEDIA32 || cmd == SIOCGIFMEDIA64)) {
+ error = compat_ifmediareq(ifp, cmd, data);
+ }
+ return error;
+}
projects / apple / xnu.git / blobdiff