/* * Copyright (c) 1991, 1992 Paul Kranenburg * Copyright (c) 1993 Branko Lankester * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey * Copyright (c) 1996-2001 Wichert Akkerman * Copyright (c) 1999-2022 The strace developers. * All rights reserved. * * SPDX-License-Identifier: LGPL-2.1-or-later */ #include "defs.h" #include #include "xlat/ioctl_dirs.h" #if defined(SPARC) || defined(SPARC64) /* * While Alpha, MIPS, PA-RISC, and POWER simply define _IOC_SIZEBITS to 13 * and utilise 3 bits for _IOC_DIRBITS, SPARC tries to provide 14 bits * for the size field ("as on i386") by (ab)using the lowest direction bit. * Unfortunately, while doing so, they decide to define _IOC_SIZE to 0 * when the direction doesn't have _IOC_READ/_IOC_WRITE bits set, which * breaks the invariant * * _IOC_SIZE(_IOC(dir, type, nr, size)) == size * * for _IOC_DIR(val) that doesn't include _IOC_READ or _IOC_WRITE, which * is unacceptable for strace's use case. * So, let's redefine _IOC_SIZE in a way that is more suitable for us. */ # undef _IOC_SIZE # define _IOC_SIZE(nr) \ ((_IOC_DIR(nr) & (_IOC_WRITE | _IOC_READ)) \ ? (((nr) >> _IOC_SIZESHIFT) & _IOC_XSIZEMASK) \ : (((nr) >> _IOC_SIZESHIFT) & _IOC_SIZEMASK)) \ /* end of _IOC_SIZE definition */ #endif static int compare(const void *a, const void *b) { const unsigned int code1 = (const uintptr_t) a; const unsigned int code2 = ((struct_ioctlent *) b)->code; return (code1 > code2) ? 1 : (code1 < code2) ? -1 : 0; } static const struct_ioctlent * ioctl_lookup(const unsigned int code) { struct_ioctlent *iop; iop = bsearch((const void *) (const uintptr_t) code, ioctlent, nioctlents, sizeof(ioctlent[0]), compare); while (iop > ioctlent) { iop--; if (iop->code != code) { iop++; break; } } return iop; } static const struct_ioctlent * ioctl_next_match(const struct_ioctlent *iop) { const unsigned int code = iop->code; iop++; if (iop < ioctlent + nioctlents && iop->code == code) return iop; return NULL; } static void ioctl_print_code(const unsigned int code) { const bool abbrev = xlat_verbose(xlat_verbosity) != XLAT_STYLE_VERBOSE; tprints_arg_begin("_IOC"); printflags_ex(_IOC_DIR(code), abbrev ? "_IOC_???" : "", abbrev ? XLAT_STYLE_DEFAULT : XLAT_STYLE_ABBREV, ioctl_dirs, NULL); tprint_arg_next(); PRINT_VAL_X(_IOC_TYPE(code)); tprint_arg_next(); PRINT_VAL_X(_IOC_NR(code)); tprint_arg_next(); PRINT_VAL_X(_IOC_SIZE(code)); tprint_arg_end(); } static int evdev_decode_number(const unsigned int code) { const unsigned int nr = _IOC_NR(code); const bool abbrev = xlat_verbose(xlat_verbosity) != XLAT_STYLE_VERBOSE; if (_IOC_DIR(code) == _IOC_WRITE) { if (nr >= 0xc0 && nr <= 0xc0 + 0x3f) { tprints_arg_begin("EVIOCSABS"); printxval_ex(evdev_abs, nr - 0xc0, abbrev ? "ABS_???" : "", abbrev ? XLAT_STYLE_DEFAULT : XLAT_STYLE_ABBREV); tprint_arg_end(); return 1; } } if (_IOC_DIR(code) != _IOC_READ) return 0; if (nr >= 0x20 && nr <= 0x20 + 0x1f) { tprints_arg_begin("EVIOCGBIT"); if (nr == 0x20) PRINT_VAL_U(0); else printxval_ex(evdev_ev, nr - 0x20, abbrev ? "EV_???" : "", abbrev ? XLAT_STYLE_DEFAULT : XLAT_STYLE_ABBREV); tprint_arg_next(); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; } else if (nr >= 0x40 && nr <= 0x40 + 0x3f) { tprints_arg_begin("EVIOCGABS"); printxval_ex(evdev_abs, nr - 0x40, abbrev ? "ABS_???" : "", abbrev ? XLAT_STYLE_DEFAULT : XLAT_STYLE_ABBREV); tprint_arg_end(); return 1; } switch (nr) { case 0x06: tprints_arg_begin("EVIOCGNAME"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x07: tprints_arg_begin("EVIOCGPHYS"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x08: tprints_arg_begin("EVIOCGUNIQ"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x09: tprints_arg_begin("EVIOCGPROP"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x0a: tprints_arg_begin("EVIOCGMTSLOTS"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x18: tprints_arg_begin("EVIOCGKEY"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x19: tprints_arg_begin("EVIOCGLED"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x1a: tprints_arg_begin("EVIOCGSND"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x1b: tprints_arg_begin("EVIOCGSW"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; default: return 0; } } static int hiddev_decode_number(const unsigned int code) { if (_IOC_DIR(code) == _IOC_READ) { switch (_IOC_NR(code)) { case 0x04: tprints_arg_begin("HIDIOCGRAWNAME"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x05: tprints_arg_begin("HIDIOCGRAWPHYS"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x06: tprints_arg_begin("HIDIOCSFEATURE"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x08: tprints_arg_begin("HIDIOCGRAWUNIQ"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x12: tprints_arg_begin("HIDIOCGPHYS"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; default: return 0; } } else if (_IOC_DIR(code) == (_IOC_READ | _IOC_WRITE)) { switch (_IOC_NR(code)) { case 0x06: tprints_arg_begin("HIDIOCSFEATURE"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; case 0x07: tprints_arg_begin("HIDIOCGFEATURE"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; default: return 0; } } return 0; } static int ioctl_decode_command_number(struct tcb *tcp) { const unsigned int code = tcp->u_arg[1]; switch (_IOC_TYPE(code)) { case '!': /* 0x21 */ if (code == _IOC(_IOC_READ, '!', 2, sizeof(uint64_t))) { tprints("SECCOMP_IOCTL_NOTIF_ID_VALID_WRONG_DIR"); return 1; } return 0; case 'E': return evdev_decode_number(code); case 'H': return hiddev_decode_number(code); case 'M': if (_IOC_DIR(code) == _IOC_WRITE) { tprints_arg_begin("MIXER_WRITE"); PRINT_VAL_U(_IOC_NR(code)); tprint_arg_end(); return 1; } else if (_IOC_DIR(code) == _IOC_READ) { tprints_arg_begin("MIXER_READ"); PRINT_VAL_U(_IOC_NR(code)); tprint_arg_end(); return 1; } return 0; case 'U': if (_IOC_DIR(code) == _IOC_READ && _IOC_NR(code) == 0x2c) { tprints_arg_begin("UI_GET_SYSNAME"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; } return 0; case 'j': if (_IOC_DIR(code) == _IOC_READ && _IOC_NR(code) == 0x13) { tprints_arg_begin("JSIOCGNAME"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; } return 0; case 'k': if (_IOC_DIR(code) == _IOC_WRITE && _IOC_NR(code) == 0) { tprints_arg_begin("SPI_IOC_MESSAGE"); PRINT_VAL_U(_IOC_SIZE(code)); tprint_arg_end(); return 1; } return 0; default: return 0; } } static int f_ioctl(struct tcb *tcp, const unsigned int code, const kernel_ulong_t arg) { int rc = fs_f_ioctl(tcp, code, arg); #if defined ALPHA if (rc == RVAL_DECODED) rc = sock_ioctl(tcp, code, arg); if (rc == RVAL_DECODED) rc = term_ioctl(tcp, code, arg); #elif defined MIPS || defined SH || defined XTENSA if (rc == RVAL_DECODED) rc = sock_ioctl(tcp, code, arg); #elif defined POWERPC if (rc == RVAL_DECODED) rc = term_ioctl(tcp, code, arg); #endif return rc; } /** * Decode arg parameter of the ioctl call. * * @return There are two flags of the return value important for the purposes of * processing by SYS_FUNC(ioctl): * - RVAL_IOCTL_DECODED: indicates that ioctl decoder code * has printed arg parameter; * - RVAL_DECODED: indicates that decoding is done. * As a result, the following behaviour is expected: * - on entering: * - 0: decoding should be continued on exiting; * - RVAL_IOCTL_DECODED: decoding on exiting is not needed * and decoder has printed arg value; * - RVAL_DECODED: decoding on exiting is not needed * and generic handler should print arg value. * - on exiting: * - 0: generic handler should print arg value; * - RVAL_IOCTL_DECODED: decoder has printed arg value. * * Note that it makes no sense to return just RVAL_DECODED on exiting, * but, of course, it is not prohibited (for example, it may be useful * in cases where the return path is common on entering and on exiting * the syscall). * * SYS_FUNC(ioctl) converts RVAL_IOCTL_DECODED flag to RVAL_DECODED, * and passes all other bits of ioctl_decode return value unchanged. */ static int ioctl_decode(struct tcb *tcp) { const unsigned int code = tcp->u_arg[1]; const kernel_ulong_t arg = tcp->u_arg[2]; switch (_IOC_TYPE(code)) { case 0x03: return hdio_ioctl(tcp, code, arg); case 0x12: return block_ioctl(tcp, code, arg); case '!': /* 0x21 */ return seccomp_ioctl(tcp, code, arg); case '"': /* 0x22 */ return scsi_ioctl(tcp, code, arg); case '$': /* 0x24 */ return perf_ioctl(tcp, code, arg); case '=': /* 0x3d */ return ptp_ioctl(tcp, code, arg); case '>': /* 0x3e */ return counter_ioctl(tcp, code, arg); case 'E': return evdev_ioctl(tcp, code, arg); case 'I': return inotify_ioctl(tcp, code, arg); case 'K': return kd_ioctl(tcp, code, arg); case 'L': return loop_ioctl(tcp, code, arg); case 'M': return mtd_ioctl(tcp, code, arg); case 'O': return ubi_ioctl(tcp, code, arg); case 'R': return random_ioctl(tcp, code, arg); case 'T': return term_ioctl(tcp, code, arg); case 'V': return v4l2_ioctl(tcp, code, arg); case 'W': return watchdog_ioctl(tcp, code, arg); case 'X': return fs_x_ioctl(tcp, code, arg); case 'f': return f_ioctl(tcp, code, arg); case 'i': return lirc_ioctl(tcp, code, arg); case 'o': return ubi_ioctl(tcp, code, arg); case 'p': return rtc_ioctl(tcp, code, arg); #if defined ALPHA || defined MIPS || defined SH || defined XTENSA case 's': return sock_ioctl(tcp, code, arg); #endif #if defined(ALPHA) || defined(POWERPC) case 't': return term_ioctl(tcp, code, arg); #endif /* !ALPHA */ case 0x89: return sock_ioctl(tcp, code, arg); case 0x94: return fs_0x94_ioctl(tcp, code, arg); case 0xa4: return tee_ioctl(tcp, code, arg); case 0xaa: return uffdio_ioctl(tcp, code, arg); case 0xab: return nbd_ioctl(tcp, code, arg); #ifdef HAVE_LINUX_KVM_H case 0xae: return kvm_ioctl(tcp, code, arg); #endif case 0xb4: return gpio_ioctl(tcp, code, arg); case 0xb7: return nsfs_ioctl(tcp, code, arg); case 0xfd: return dm_ioctl(tcp, code, arg); default: break; } return 0; } SYS_FUNC(ioctl) { const struct_ioctlent *iop; int ret; if (entering(tcp)) { printfd(tcp, tcp->u_arg[0]); tprint_arg_next(); if (xlat_verbosity != XLAT_STYLE_ABBREV) PRINT_VAL_X((unsigned int) tcp->u_arg[1]); if (xlat_verbosity == XLAT_STYLE_VERBOSE) tprint_comment_begin(); if (xlat_verbosity != XLAT_STYLE_RAW) { ret = ioctl_decode_command_number(tcp); if (!(ret & IOCTL_NUMBER_STOP_LOOKUP)) { iop = ioctl_lookup(tcp->u_arg[1]); if (iop) { if (ret) tprint_alternative_value(); tprints(iop->symbol); while ((iop = ioctl_next_match(iop))) { tprint_alternative_value(); tprints(iop->symbol); } } else if (!ret) { ioctl_print_code(tcp->u_arg[1]); } } } if (xlat_verbosity == XLAT_STYLE_VERBOSE) tprint_comment_end(); ret = ioctl_decode(tcp); } else { ret = ioctl_decode(tcp) | RVAL_DECODED; } if (ret & RVAL_IOCTL_DECODED) { ret &= ~RVAL_IOCTL_DECODED; ret |= RVAL_DECODED; } else if (ret & RVAL_DECODED) { tprint_arg_next(); PRINT_VAL_X(tcp->u_arg[2]); } return ret; }