Merge branch 'net-various-compat-ioctl-fixes'

EXPORT_SYMBOL(dlci_ioctl_set);

static long sock_do_ioctl(struct net *net, struct socket *sock,

			  unsigned int cmd, unsigned long arg,

			  unsigned int ifreq_size)

			  unsigned int cmd, unsigned long arg)

{

	int err;

	void __user *argp = (void __user *)arg;

	} else {

		struct ifreq ifr;

		bool need_copyout;

		if (copy_from_user(&ifr, argp, ifreq_size))

		if (copy_from_user(&ifr, argp, sizeof(struct ifreq)))

			return -EFAULT;

		err = dev_ioctl(net, cmd, &ifr, &need_copyout);

		if (!err && need_copyout)

			if (copy_to_user(argp, &ifr, ifreq_size))

			if (copy_to_user(argp, &ifr, sizeof(struct ifreq)))

				return -EFAULT;

	}

	return err;

			err = open_related_ns(&net->ns, get_net_ns);

			break;

		default:

			err = sock_do_ioctl(net, sock, cmd, arg,

					    sizeof(struct ifreq));

			err = sock_do_ioctl(net, sock, cmd, arg);

			break;

		}

	return err;

	int err;

	set_fs(KERNEL_DS);

	err = sock_do_ioctl(net, sock, cmd, (unsigned long)&ktv,

			    sizeof(struct compat_ifreq));

	err = sock_do_ioctl(net, sock, cmd, (unsigned long)&ktv);

	set_fs(old_fs);

	if (!err)

		err = compat_put_timeval(&ktv, up);

	int err;

	set_fs(KERNEL_DS);

	err = sock_do_ioctl(net, sock, cmd, (unsigned long)&kts,

			    sizeof(struct compat_ifreq));

	err = sock_do_ioctl(net, sock, cmd, (unsigned long)&kts);

	set_fs(old_fs);

	if (!err)

		err = compat_put_timespec(&kts, up);

	return dev_ioctl(net, cmd, &ifreq, NULL);

}

static int compat_ifreq_ioctl(struct net *net, struct socket *sock,

			      unsigned int cmd,

			      struct compat_ifreq __user *uifr32)

{

	struct ifreq __user *uifr;

	int err;

	/* Handle the fact that while struct ifreq has the same *layout* on

	 * 32/64 for everything but ifreq::ifru_ifmap and ifreq::ifru_data,

	 * which are handled elsewhere, it still has different *size* due to

	 * ifreq::ifru_ifmap (which is 16 bytes on 32 bit, 24 bytes on 64-bit,

	 * resulting in struct ifreq being 32 and 40 bytes respectively).

	 * As a result, if the struct happens to be at the end of a page and

	 * the next page isn't readable/writable, we get a fault. To prevent

	 * that, copy back and forth to the full size.

	 */

	uifr = compat_alloc_user_space(sizeof(*uifr));

	if (copy_in_user(uifr, uifr32, sizeof(*uifr32)))

		return -EFAULT;

	err = sock_do_ioctl(net, sock, cmd, (unsigned long)uifr);

	if (!err) {

		switch (cmd) {

		case SIOCGIFFLAGS:

		case SIOCGIFMETRIC:

		case SIOCGIFMTU:

		case SIOCGIFMEM:

		case SIOCGIFHWADDR:

		case SIOCGIFINDEX:

		case SIOCGIFADDR:

		case SIOCGIFBRDADDR:

		case SIOCGIFDSTADDR:

		case SIOCGIFNETMASK:

		case SIOCGIFPFLAGS:

		case SIOCGIFTXQLEN:

		case SIOCGMIIPHY:

		case SIOCGMIIREG:

		case SIOCGIFNAME:

			if (copy_in_user(uifr32, uifr, sizeof(*uifr32)))

				err = -EFAULT;

			break;

		}

	}

	return err;

}

static int compat_sioc_ifmap(struct net *net, unsigned int cmd,

			struct compat_ifreq __user *uifr32)

{

	}

	set_fs(KERNEL_DS);

	ret = sock_do_ioctl(net, sock, cmd, (unsigned long) r,

			    sizeof(struct compat_ifreq));

	ret = sock_do_ioctl(net, sock, cmd, (unsigned long) r);

	set_fs(old_fs);

out:

	case SIOCSIFTXQLEN:

	case SIOCBRADDIF:

	case SIOCBRDELIF:

	case SIOCGIFNAME:

	case SIOCSIFNAME:

	case SIOCGMIIPHY:

	case SIOCGMIIREG:

	case SIOCSMIIREG:

	case SIOCSARP:

	case SIOCGARP:

	case SIOCDARP:

	case SIOCATMARK:

	case SIOCBONDENSLAVE:

	case SIOCBONDRELEASE:

	case SIOCBONDSETHWADDR:

	case SIOCBONDCHANGEACTIVE:

	case SIOCGIFNAME:

		return sock_do_ioctl(net, sock, cmd, arg,

				     sizeof(struct compat_ifreq));

		return compat_ifreq_ioctl(net, sock, cmd, argp);

	case SIOCSARP:

	case SIOCGARP:

	case SIOCDARP:

	case SIOCATMARK:

		return sock_do_ioctl(net, sock, cmd, arg);

	}

	return -ENOIOCTLCMD;