The third argument of ioctl handlers is a user input which can contain either a pointer to data in the user space or any number. This commit changes the type of the argument from unsigned long to user_uintptr_t so that we can accommodate the bigger size of capabilities and accept them from user space correctly without discarding their metadata. It also updates the signature of child functions and casts the argument to unsigned long when it must be treated as such for size reasons.
Signed-off-by: Luca Vizzarro Luca.Vizzarro@arm.com --- drivers/tty/n_tty.c | 2 +- drivers/tty/pty.c | 4 ++-- drivers/tty/serial/serial_core.c | 2 +- drivers/tty/tty_ioctl.c | 2 +- drivers/tty/vt/keyboard.c | 2 +- drivers/tty/vt/vt.c | 2 +- drivers/tty/vt/vt_ioctl.c | 8 ++++---- include/linux/tty.h | 4 ++-- include/linux/tty_driver.h | 2 +- include/linux/tty_ldisc.h | 2 +- include/linux/vt_kern.h | 4 ++-- 11 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c index 597019690ae6..fd58d19c1dc4 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -2463,7 +2463,7 @@ static unsigned long inq_canon(struct n_tty_data *ldata) }
static int n_tty_ioctl(struct tty_struct *tty, unsigned int cmd, - unsigned long arg) + user_uintptr_t arg) { struct n_tty_data *ldata = tty->disc_data; int retval; diff --git a/drivers/tty/pty.c b/drivers/tty/pty.c index aa6c5fa3d562..255f91b0d515 100644 --- a/drivers/tty/pty.c +++ b/drivers/tty/pty.c @@ -451,7 +451,7 @@ static void pty_remove(struct tty_driver *driver, struct tty_struct *tty) }
static int pty_bsd_ioctl(struct tty_struct *tty, - unsigned int cmd, unsigned long arg) + unsigned int cmd, user_uintptr_t arg) { switch (cmd) { case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ @@ -640,7 +640,7 @@ int ptm_open_peer(struct file *master, struct tty_struct *tty, int flags) }
static int pty_unix98_ioctl(struct tty_struct *tty, - unsigned int cmd, unsigned long arg) + unsigned int cmd, user_uintptr_t arg) { switch (cmd) { case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c index 6b86149cd879..122c768893fd 100644 --- a/drivers/tty/serial/serial_core.c +++ b/drivers/tty/serial/serial_core.c @@ -1511,7 +1511,7 @@ static int uart_set_iso7816_config(struct uart_port *port, * Called via sys_ioctl. We can use spin_lock_irq() here. */ static int -uart_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg) +uart_ioctl(struct tty_struct *tty, unsigned int cmd, user_uintptr_t arg) { struct uart_state *state = tty->driver_data; struct tty_port *port = &state->port; diff --git a/drivers/tty/tty_ioctl.c b/drivers/tty/tty_ioctl.c index ce511557b98b..45a5538cdc4a 100644 --- a/drivers/tty/tty_ioctl.c +++ b/drivers/tty/tty_ioctl.c @@ -760,7 +760,7 @@ static int tty_change_softcar(struct tty_struct *tty, int arg) * consistent mode setting. */
-int tty_mode_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg) +int tty_mode_ioctl(struct tty_struct *tty, unsigned int cmd, user_uintptr_t arg) { struct tty_struct *real_tty; void __user *p = (void __user *)arg; diff --git a/drivers/tty/vt/keyboard.c b/drivers/tty/vt/keyboard.c index be8313cdbac3..e001fc67151c 100644 --- a/drivers/tty/vt/keyboard.c +++ b/drivers/tty/vt/keyboard.c @@ -2109,7 +2109,7 @@ int vt_do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm) return ret; }
-int vt_do_kdskled(unsigned int console, int cmd, unsigned long arg, int perm) +int vt_do_kdskled(unsigned int console, int cmd, user_uintptr_t arg, int perm) { struct kbd_struct *kb = &kbd_table[console]; unsigned long flags; diff --git a/drivers/tty/vt/vt.c b/drivers/tty/vt/vt.c index 981d2bfcf9a5..8f7bc37fab54 100644 --- a/drivers/tty/vt/vt.c +++ b/drivers/tty/vt/vt.c @@ -3181,7 +3181,7 @@ static struct console vt_console_driver = { * set_selection_user has locking, and definitely needs it */
-int tioclinux(struct tty_struct *tty, unsigned long arg) +int tioclinux(struct tty_struct *tty, user_uintptr_t arg) { char type, data; char __user *p = (char __user *)arg; diff --git a/drivers/tty/vt/vt_ioctl.c b/drivers/tty/vt/vt_ioctl.c index e120bd655b0e..1106077f1b0c 100644 --- a/drivers/tty/vt/vt_ioctl.c +++ b/drivers/tty/vt/vt_ioctl.c @@ -281,7 +281,7 @@ static int vt_kdsetmode(struct vc_data *vc, unsigned long mode) }
static int vt_k_ioctl(struct tty_struct *tty, unsigned int cmd, - unsigned long arg, bool perm) + user_uintptr_t arg, bool perm) { struct vc_data *vc = tty->driver_data; void __user *up = (void __user *)arg; @@ -734,7 +734,7 @@ static int vt_resizex(struct vc_data *vc, struct vt_consize __user *cs) * capability to modify any console, not just the fg_console. */ int vt_ioctl(struct tty_struct *tty, - unsigned int cmd, unsigned long arg) + unsigned int cmd, user_uintptr_t arg) { struct vc_data *vc = tty->driver_data; void __user *up = (void __user *)arg; @@ -845,7 +845,7 @@ int vt_ioctl(struct tty_struct *tty, return -ENXIO;
arg--; - arg = array_index_nospec(arg, MAX_NR_CONSOLES); + arg = array_index_nospec((unsigned long)arg, MAX_NR_CONSOLES); console_lock(); ret = vc_allocate(arg); console_unlock(); @@ -903,7 +903,7 @@ int vt_ioctl(struct tty_struct *tty, break; }
- arg = array_index_nospec(arg - 1, MAX_NR_CONSOLES); + arg = array_index_nospec((unsigned long)arg - 1, MAX_NR_CONSOLES); return vt_disallocate(arg);
case VT_RESIZE: diff --git a/include/linux/tty.h b/include/linux/tty.h index 730c3301d710..dd344a6f1bd0 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -458,7 +458,7 @@ int tty_set_termios(struct tty_struct *tty, struct ktermios *kt);
void tty_wakeup(struct tty_struct *tty);
-int tty_mode_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg); +int tty_mode_ioctl(struct tty_struct *tty, unsigned int cmd, user_uintptr_t arg); int tty_perform_flush(struct tty_struct *tty, unsigned long arg); struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx); void tty_release_struct(struct tty_struct *tty, int idx); @@ -501,7 +501,7 @@ int n_tty_ioctl_helper(struct tty_struct *tty, unsigned int cmd,
/* vt.c */
-int vt_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg); +int vt_ioctl(struct tty_struct *tty, unsigned int cmd, user_uintptr_t arg);
long vt_compat_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg); diff --git a/include/linux/tty_driver.h b/include/linux/tty_driver.h index e00034118c7b..8301629c5c5d 100644 --- a/include/linux/tty_driver.h +++ b/include/linux/tty_driver.h @@ -363,7 +363,7 @@ struct tty_operations { unsigned int (*write_room)(struct tty_struct *tty); unsigned int (*chars_in_buffer)(struct tty_struct *tty); int (*ioctl)(struct tty_struct *tty, - unsigned int cmd, unsigned long arg); + unsigned int cmd, user_uintptr_t arg); long (*compat_ioctl)(struct tty_struct *tty, unsigned int cmd, unsigned long arg); void (*set_termios)(struct tty_struct *tty, const struct ktermios *old); diff --git a/include/linux/tty_ldisc.h b/include/linux/tty_ldisc.h index dcb61ec11424..b8c340a12bff 100644 --- a/include/linux/tty_ldisc.h +++ b/include/linux/tty_ldisc.h @@ -224,7 +224,7 @@ struct tty_ldisc_ops { ssize_t (*write)(struct tty_struct *tty, struct file *file, const unsigned char *buf, size_t nr); int (*ioctl)(struct tty_struct *tty, unsigned int cmd, - unsigned long arg); + user_uintptr_t arg); int (*compat_ioctl)(struct tty_struct *tty, unsigned int cmd, unsigned long arg); void (*set_termios)(struct tty_struct *tty, const struct ktermios *old); diff --git a/include/linux/vt_kern.h b/include/linux/vt_kern.h index c1f5aebef170..5cca5e106313 100644 --- a/include/linux/vt_kern.h +++ b/include/linux/vt_kern.h @@ -43,7 +43,7 @@ void redraw_screen(struct vc_data *vc, int is_switch); #define switch_screen(x) redraw_screen(x, 1)
struct tty_struct; -int tioclinux(struct tty_struct *tty, unsigned long arg); +int tioclinux(struct tty_struct *tty, user_uintptr_t arg);
#ifdef CONFIG_CONSOLE_TRANSLATIONS /* consolemap.c */ @@ -154,7 +154,7 @@ int vt_do_kbkeycode_ioctl(int cmd, struct kbkeycode __user *user_kbkc, int vt_do_kdsk_ioctl(int cmd, struct kbentry __user *user_kbe, int perm, unsigned int console); int vt_do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm); -int vt_do_kdskled(unsigned int console, int cmd, unsigned long arg, int perm); +int vt_do_kdskled(unsigned int console, int cmd, user_uintptr_t arg, int perm); int vt_do_kdgkbmode(unsigned int console); int vt_do_kdgkbmeta(unsigned int console); void vt_reset_unicode(unsigned int console);