1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31#include <linux/export.h>
32#include <linux/nospec.h>
33#include <linux/pci.h>
34#include <linux/uaccess.h>
35
36#include <drm/drm_agpsupport.h>
37#include <drm/drm_auth.h>
38#include <drm/drm_crtc.h>
39#include <drm/drm_drv.h>
40#include <drm/drm_file.h>
41#include <drm/drm_ioctl.h>
42#include <drm/drm_print.h>
43
44#include "drm_crtc_internal.h"
45#include "drm_internal.h"
46#include "drm_legacy.h"
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117int drm_getunique(struct drm_device *dev, void *data,
118 struct drm_file *file_priv)
119{
120 struct drm_unique *u = data;
121 struct drm_master *master = file_priv->master;
122
123 mutex_lock(&master->dev->master_mutex);
124 if (u->unique_len >= master->unique_len) {
125 if (copy_to_user(u->unique, master->unique, master->unique_len)) {
126 mutex_unlock(&master->dev->master_mutex);
127 return -EFAULT;
128 }
129 }
130 u->unique_len = master->unique_len;
131 mutex_unlock(&master->dev->master_mutex);
132
133 return 0;
134}
135
136static void
137drm_unset_busid(struct drm_device *dev,
138 struct drm_master *master)
139{
140 kfree(master->unique);
141 master->unique = NULL;
142 master->unique_len = 0;
143}
144
145static int drm_set_busid(struct drm_device *dev, struct drm_file *file_priv)
146{
147 struct drm_master *master = file_priv->master;
148 int ret;
149
150 if (master->unique != NULL)
151 drm_unset_busid(dev, master);
152
153 if (dev->dev && dev_is_pci(dev->dev)) {
154 ret = drm_pci_set_busid(dev, master);
155 if (ret) {
156 drm_unset_busid(dev, master);
157 return ret;
158 }
159 } else {
160 WARN_ON(!dev->unique);
161 master->unique = kstrdup(dev->unique, GFP_KERNEL);
162 if (master->unique)
163 master->unique_len = strlen(dev->unique);
164 }
165
166 return 0;
167}
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182int drm_getclient(struct drm_device *dev, void *data,
183 struct drm_file *file_priv)
184{
185 struct drm_client *client = data;
186
187
188
189
190
191
192
193
194
195
196
197
198 if (client->idx == 0) {
199 client->auth = file_priv->authenticated;
200 client->pid = task_pid_vnr(current);
201 client->uid = overflowuid;
202 client->magic = 0;
203 client->iocs = 0;
204
205 return 0;
206 } else {
207 return -EINVAL;
208 }
209}
210
211
212
213
214
215
216
217
218
219
220
221static int drm_getstats(struct drm_device *dev, void *data,
222 struct drm_file *file_priv)
223{
224 struct drm_stats *stats = data;
225
226
227 memset(stats, 0, sizeof(*stats));
228
229 return 0;
230}
231
232
233
234
235static int drm_getcap(struct drm_device *dev, void *data, struct drm_file *file_priv)
236{
237 struct drm_get_cap *req = data;
238 struct drm_crtc *crtc;
239
240 req->value = 0;
241
242
243 switch (req->capability) {
244 case DRM_CAP_TIMESTAMP_MONOTONIC:
245 req->value = 1;
246 return 0;
247 case DRM_CAP_PRIME:
248 req->value |= dev->driver->prime_fd_to_handle ? DRM_PRIME_CAP_IMPORT : 0;
249 req->value |= dev->driver->prime_handle_to_fd ? DRM_PRIME_CAP_EXPORT : 0;
250 return 0;
251 case DRM_CAP_SYNCOBJ:
252 req->value = drm_core_check_feature(dev, DRIVER_SYNCOBJ);
253 return 0;
254 case DRM_CAP_SYNCOBJ_TIMELINE:
255 req->value = drm_core_check_feature(dev, DRIVER_SYNCOBJ_TIMELINE);
256 return 0;
257 }
258
259
260 if (!drm_core_check_feature(dev, DRIVER_MODESET))
261 return -EOPNOTSUPP;
262
263 switch (req->capability) {
264 case DRM_CAP_DUMB_BUFFER:
265 if (dev->driver->dumb_create)
266 req->value = 1;
267 break;
268 case DRM_CAP_VBLANK_HIGH_CRTC:
269 req->value = 1;
270 break;
271 case DRM_CAP_DUMB_PREFERRED_DEPTH:
272 req->value = dev->mode_config.preferred_depth;
273 break;
274 case DRM_CAP_DUMB_PREFER_SHADOW:
275 req->value = dev->mode_config.prefer_shadow;
276 break;
277 case DRM_CAP_ASYNC_PAGE_FLIP:
278 req->value = dev->mode_config.async_page_flip;
279 break;
280 case DRM_CAP_PAGE_FLIP_TARGET:
281 req->value = 1;
282 drm_for_each_crtc(crtc, dev) {
283 if (!crtc->funcs->page_flip_target)
284 req->value = 0;
285 }
286 break;
287 case DRM_CAP_CURSOR_WIDTH:
288 if (dev->mode_config.cursor_width)
289 req->value = dev->mode_config.cursor_width;
290 else
291 req->value = 64;
292 break;
293 case DRM_CAP_CURSOR_HEIGHT:
294 if (dev->mode_config.cursor_height)
295 req->value = dev->mode_config.cursor_height;
296 else
297 req->value = 64;
298 break;
299 case DRM_CAP_ADDFB2_MODIFIERS:
300 req->value = dev->mode_config.allow_fb_modifiers;
301 break;
302 case DRM_CAP_CRTC_IN_VBLANK_EVENT:
303 req->value = 1;
304 break;
305 default:
306 return -EINVAL;
307 }
308 return 0;
309}
310
311
312
313
314static int
315drm_setclientcap(struct drm_device *dev, void *data, struct drm_file *file_priv)
316{
317 struct drm_set_client_cap *req = data;
318
319
320
321
322 if (!drm_core_check_feature(dev, DRIVER_MODESET))
323 return -EOPNOTSUPP;
324
325 switch (req->capability) {
326 case DRM_CLIENT_CAP_STEREO_3D:
327 if (req->value > 1)
328 return -EINVAL;
329 file_priv->stereo_allowed = req->value;
330 break;
331 case DRM_CLIENT_CAP_UNIVERSAL_PLANES:
332 if (req->value > 1)
333 return -EINVAL;
334 file_priv->universal_planes = req->value;
335 break;
336 case DRM_CLIENT_CAP_ATOMIC:
337 if (!drm_core_check_feature(dev, DRIVER_ATOMIC))
338 return -EOPNOTSUPP;
339 if (req->value > 1)
340 return -EINVAL;
341 file_priv->atomic = req->value;
342 file_priv->universal_planes = req->value;
343
344
345
346 file_priv->aspect_ratio_allowed = req->value;
347 break;
348 case DRM_CLIENT_CAP_ASPECT_RATIO:
349 if (req->value > 1)
350 return -EINVAL;
351 file_priv->aspect_ratio_allowed = req->value;
352 break;
353 case DRM_CLIENT_CAP_WRITEBACK_CONNECTORS:
354 if (!file_priv->atomic)
355 return -EINVAL;
356 if (req->value > 1)
357 return -EINVAL;
358 file_priv->writeback_connectors = req->value;
359 break;
360 default:
361 return -EINVAL;
362 }
363
364 return 0;
365}
366
367
368
369
370
371
372
373
374
375
376
377
378static int drm_setversion(struct drm_device *dev, void *data, struct drm_file *file_priv)
379{
380 struct drm_set_version *sv = data;
381 int if_version, retcode = 0;
382
383 mutex_lock(&dev->master_mutex);
384 if (sv->drm_di_major != -1) {
385 if (sv->drm_di_major != DRM_IF_MAJOR ||
386 sv->drm_di_minor < 0 || sv->drm_di_minor > DRM_IF_MINOR) {
387 retcode = -EINVAL;
388 goto done;
389 }
390 if_version = DRM_IF_VERSION(sv->drm_di_major,
391 sv->drm_di_minor);
392 dev->if_version = max(if_version, dev->if_version);
393 if (sv->drm_di_minor >= 1) {
394
395
396
397
398 retcode = drm_set_busid(dev, file_priv);
399 if (retcode)
400 goto done;
401 }
402 }
403
404 if (sv->drm_dd_major != -1) {
405 if (sv->drm_dd_major != dev->driver->major ||
406 sv->drm_dd_minor < 0 || sv->drm_dd_minor >
407 dev->driver->minor) {
408 retcode = -EINVAL;
409 goto done;
410 }
411 }
412
413done:
414 sv->drm_di_major = DRM_IF_MAJOR;
415 sv->drm_di_minor = DRM_IF_MINOR;
416 sv->drm_dd_major = dev->driver->major;
417 sv->drm_dd_minor = dev->driver->minor;
418 mutex_unlock(&dev->master_mutex);
419
420 return retcode;
421}
422
423
424
425
426
427
428
429
430
431
432
433
434
435int drm_noop(struct drm_device *dev, void *data,
436 struct drm_file *file_priv)
437{
438 DRM_DEBUG("\n");
439 return 0;
440}
441EXPORT_SYMBOL(drm_noop);
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458int drm_invalid_op(struct drm_device *dev, void *data,
459 struct drm_file *file_priv)
460{
461 return -EINVAL;
462}
463EXPORT_SYMBOL(drm_invalid_op);
464
465
466
467
468static int drm_copy_field(char __user *buf, size_t *buf_len, const char *value)
469{
470 int len;
471
472
473 len = strlen(value);
474 if (len > *buf_len)
475 len = *buf_len;
476
477
478
479 *buf_len = strlen(value);
480
481
482 if (len && buf)
483 if (copy_to_user(buf, value, len))
484 return -EFAULT;
485 return 0;
486}
487
488
489
490
491
492
493
494
495
496
497
498
499int drm_version(struct drm_device *dev, void *data,
500 struct drm_file *file_priv)
501{
502 struct drm_version *version = data;
503 int err;
504
505 version->version_major = dev->driver->major;
506 version->version_minor = dev->driver->minor;
507 version->version_patchlevel = dev->driver->patchlevel;
508 err = drm_copy_field(version->name, &version->name_len,
509 dev->driver->name);
510 if (!err)
511 err = drm_copy_field(version->date, &version->date_len,
512 dev->driver->date);
513 if (!err)
514 err = drm_copy_field(version->desc, &version->desc_len,
515 dev->driver->desc);
516
517 return err;
518}
519
520
521
522
523
524
525
526
527
528
529
530
531
532int drm_ioctl_permit(u32 flags, struct drm_file *file_priv)
533{
534
535 if (unlikely((flags & DRM_ROOT_ONLY) && !capable(CAP_SYS_ADMIN)))
536 return -EACCES;
537
538
539 if (unlikely((flags & DRM_AUTH) && !drm_is_render_client(file_priv) &&
540 !file_priv->authenticated))
541 return -EACCES;
542
543
544 if (unlikely((flags & DRM_MASTER) &&
545 !drm_is_current_master(file_priv)))
546 return -EACCES;
547
548
549 if (unlikely(!(flags & DRM_RENDER_ALLOW) &&
550 drm_is_render_client(file_priv)))
551 return -EACCES;
552
553 return 0;
554}
555EXPORT_SYMBOL(drm_ioctl_permit);
556
557#define DRM_IOCTL_DEF(ioctl, _func, _flags) \
558 [DRM_IOCTL_NR(ioctl)] = { \
559 .cmd = ioctl, \
560 .func = _func, \
561 .flags = _flags, \
562 .name = #ioctl \
563 }
564
565#if IS_ENABLED(CONFIG_DRM_LEGACY)
566#define DRM_LEGACY_IOCTL_DEF(ioctl, _func, _flags) DRM_IOCTL_DEF(ioctl, _func, _flags)
567#else
568#define DRM_LEGACY_IOCTL_DEF(ioctl, _func, _flags) DRM_IOCTL_DEF(ioctl, drm_invalid_op, _flags)
569#endif
570
571
572static const struct drm_ioctl_desc drm_ioctls[] = {
573 DRM_IOCTL_DEF(DRM_IOCTL_VERSION, drm_version,
574 DRM_UNLOCKED|DRM_RENDER_ALLOW),
575 DRM_IOCTL_DEF(DRM_IOCTL_GET_UNIQUE, drm_getunique, DRM_UNLOCKED),
576 DRM_IOCTL_DEF(DRM_IOCTL_GET_MAGIC, drm_getmagic, DRM_UNLOCKED),
577 DRM_IOCTL_DEF(DRM_IOCTL_IRQ_BUSID, drm_irq_by_busid, DRM_MASTER|DRM_ROOT_ONLY),
578
579 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_GET_MAP, drm_legacy_getmap_ioctl, DRM_UNLOCKED),
580
581 DRM_IOCTL_DEF(DRM_IOCTL_GET_CLIENT, drm_getclient, DRM_UNLOCKED),
582 DRM_IOCTL_DEF(DRM_IOCTL_GET_STATS, drm_getstats, DRM_UNLOCKED),
583 DRM_IOCTL_DEF(DRM_IOCTL_GET_CAP, drm_getcap, DRM_UNLOCKED|DRM_RENDER_ALLOW),
584 DRM_IOCTL_DEF(DRM_IOCTL_SET_CLIENT_CAP, drm_setclientcap, DRM_UNLOCKED),
585 DRM_IOCTL_DEF(DRM_IOCTL_SET_VERSION, drm_setversion, DRM_UNLOCKED | DRM_MASTER),
586
587 DRM_IOCTL_DEF(DRM_IOCTL_SET_UNIQUE, drm_invalid_op, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
588 DRM_IOCTL_DEF(DRM_IOCTL_BLOCK, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
589 DRM_IOCTL_DEF(DRM_IOCTL_UNBLOCK, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
590 DRM_IOCTL_DEF(DRM_IOCTL_AUTH_MAGIC, drm_authmagic, DRM_UNLOCKED|DRM_MASTER),
591
592 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_ADD_MAP, drm_legacy_addmap_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
593 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_RM_MAP, drm_legacy_rmmap_ioctl, DRM_AUTH),
594
595 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_SET_SAREA_CTX, drm_legacy_setsareactx, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
596 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_GET_SAREA_CTX, drm_legacy_getsareactx, DRM_AUTH),
597
598 DRM_IOCTL_DEF(DRM_IOCTL_SET_MASTER, drm_setmaster_ioctl, DRM_UNLOCKED|DRM_ROOT_ONLY),
599 DRM_IOCTL_DEF(DRM_IOCTL_DROP_MASTER, drm_dropmaster_ioctl, DRM_UNLOCKED|DRM_ROOT_ONLY),
600
601 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_ADD_CTX, drm_legacy_addctx, DRM_AUTH|DRM_ROOT_ONLY),
602 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_RM_CTX, drm_legacy_rmctx, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
603 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_MOD_CTX, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
604 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_GET_CTX, drm_legacy_getctx, DRM_AUTH),
605 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_SWITCH_CTX, drm_legacy_switchctx, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
606 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_NEW_CTX, drm_legacy_newctx, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
607 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_RES_CTX, drm_legacy_resctx, DRM_AUTH),
608
609 DRM_IOCTL_DEF(DRM_IOCTL_ADD_DRAW, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
610 DRM_IOCTL_DEF(DRM_IOCTL_RM_DRAW, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
611
612 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_LOCK, drm_legacy_lock, DRM_AUTH),
613 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_UNLOCK, drm_legacy_unlock, DRM_AUTH),
614
615 DRM_IOCTL_DEF(DRM_IOCTL_FINISH, drm_noop, DRM_AUTH),
616
617 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_ADD_BUFS, drm_legacy_addbufs, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
618 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_MARK_BUFS, drm_legacy_markbufs, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
619 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_INFO_BUFS, drm_legacy_infobufs, DRM_AUTH),
620 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_MAP_BUFS, drm_legacy_mapbufs, DRM_AUTH),
621 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_FREE_BUFS, drm_legacy_freebufs, DRM_AUTH),
622 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_DMA, drm_legacy_dma_ioctl, DRM_AUTH),
623 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_CONTROL, drm_legacy_irq_control, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
624
625#if IS_ENABLED(CONFIG_AGP)
626 DRM_IOCTL_DEF(DRM_IOCTL_AGP_ACQUIRE, drm_agp_acquire_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
627 DRM_IOCTL_DEF(DRM_IOCTL_AGP_RELEASE, drm_agp_release_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
628 DRM_IOCTL_DEF(DRM_IOCTL_AGP_ENABLE, drm_agp_enable_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
629 DRM_IOCTL_DEF(DRM_IOCTL_AGP_INFO, drm_agp_info_ioctl, DRM_AUTH),
630 DRM_IOCTL_DEF(DRM_IOCTL_AGP_ALLOC, drm_agp_alloc_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
631 DRM_IOCTL_DEF(DRM_IOCTL_AGP_FREE, drm_agp_free_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
632 DRM_IOCTL_DEF(DRM_IOCTL_AGP_BIND, drm_agp_bind_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
633 DRM_IOCTL_DEF(DRM_IOCTL_AGP_UNBIND, drm_agp_unbind_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
634#endif
635
636 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_SG_ALLOC, drm_legacy_sg_alloc, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
637 DRM_LEGACY_IOCTL_DEF(DRM_IOCTL_SG_FREE, drm_legacy_sg_free, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
638
639 DRM_IOCTL_DEF(DRM_IOCTL_WAIT_VBLANK, drm_wait_vblank_ioctl, DRM_UNLOCKED),
640
641 DRM_IOCTL_DEF(DRM_IOCTL_MODESET_CTL, drm_legacy_modeset_ctl_ioctl, 0),
642
643 DRM_IOCTL_DEF(DRM_IOCTL_UPDATE_DRAW, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
644
645 DRM_IOCTL_DEF(DRM_IOCTL_GEM_CLOSE, drm_gem_close_ioctl, DRM_UNLOCKED|DRM_RENDER_ALLOW),
646 DRM_IOCTL_DEF(DRM_IOCTL_GEM_FLINK, drm_gem_flink_ioctl, DRM_AUTH|DRM_UNLOCKED),
647 DRM_IOCTL_DEF(DRM_IOCTL_GEM_OPEN, drm_gem_open_ioctl, DRM_AUTH|DRM_UNLOCKED),
648
649 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETRESOURCES, drm_mode_getresources, DRM_UNLOCKED),
650
651 DRM_IOCTL_DEF(DRM_IOCTL_PRIME_HANDLE_TO_FD, drm_prime_handle_to_fd_ioctl, DRM_AUTH|DRM_UNLOCKED|DRM_RENDER_ALLOW),
652 DRM_IOCTL_DEF(DRM_IOCTL_PRIME_FD_TO_HANDLE, drm_prime_fd_to_handle_ioctl, DRM_AUTH|DRM_UNLOCKED|DRM_RENDER_ALLOW),
653
654 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETPLANERESOURCES, drm_mode_getplane_res, DRM_UNLOCKED),
655 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETCRTC, drm_mode_getcrtc, DRM_UNLOCKED),
656 DRM_IOCTL_DEF(DRM_IOCTL_MODE_SETCRTC, drm_mode_setcrtc, DRM_MASTER|DRM_UNLOCKED),
657 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETPLANE, drm_mode_getplane, DRM_UNLOCKED),
658 DRM_IOCTL_DEF(DRM_IOCTL_MODE_SETPLANE, drm_mode_setplane, DRM_MASTER|DRM_UNLOCKED),
659 DRM_IOCTL_DEF(DRM_IOCTL_MODE_CURSOR, drm_mode_cursor_ioctl, DRM_MASTER|DRM_UNLOCKED),
660 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETGAMMA, drm_mode_gamma_get_ioctl, DRM_UNLOCKED),
661 DRM_IOCTL_DEF(DRM_IOCTL_MODE_SETGAMMA, drm_mode_gamma_set_ioctl, DRM_MASTER|DRM_UNLOCKED),
662 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETENCODER, drm_mode_getencoder, DRM_UNLOCKED),
663 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETCONNECTOR, drm_mode_getconnector, DRM_UNLOCKED),
664 DRM_IOCTL_DEF(DRM_IOCTL_MODE_ATTACHMODE, drm_noop, DRM_MASTER|DRM_UNLOCKED),
665 DRM_IOCTL_DEF(DRM_IOCTL_MODE_DETACHMODE, drm_noop, DRM_MASTER|DRM_UNLOCKED),
666 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETPROPERTY, drm_mode_getproperty_ioctl, DRM_UNLOCKED),
667 DRM_IOCTL_DEF(DRM_IOCTL_MODE_SETPROPERTY, drm_connector_property_set_ioctl, DRM_MASTER|DRM_UNLOCKED),
668 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETPROPBLOB, drm_mode_getblob_ioctl, DRM_UNLOCKED),
669 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETFB, drm_mode_getfb, DRM_UNLOCKED),
670 DRM_IOCTL_DEF(DRM_IOCTL_MODE_ADDFB, drm_mode_addfb_ioctl, DRM_UNLOCKED),
671 DRM_IOCTL_DEF(DRM_IOCTL_MODE_ADDFB2, drm_mode_addfb2_ioctl, DRM_UNLOCKED),
672 DRM_IOCTL_DEF(DRM_IOCTL_MODE_RMFB, drm_mode_rmfb_ioctl, DRM_UNLOCKED),
673 DRM_IOCTL_DEF(DRM_IOCTL_MODE_PAGE_FLIP, drm_mode_page_flip_ioctl, DRM_MASTER|DRM_UNLOCKED),
674 DRM_IOCTL_DEF(DRM_IOCTL_MODE_DIRTYFB, drm_mode_dirtyfb_ioctl, DRM_MASTER|DRM_UNLOCKED),
675 DRM_IOCTL_DEF(DRM_IOCTL_MODE_CREATE_DUMB, drm_mode_create_dumb_ioctl, DRM_UNLOCKED),
676 DRM_IOCTL_DEF(DRM_IOCTL_MODE_MAP_DUMB, drm_mode_mmap_dumb_ioctl, DRM_UNLOCKED),
677 DRM_IOCTL_DEF(DRM_IOCTL_MODE_DESTROY_DUMB, drm_mode_destroy_dumb_ioctl, DRM_UNLOCKED),
678 DRM_IOCTL_DEF(DRM_IOCTL_MODE_OBJ_GETPROPERTIES, drm_mode_obj_get_properties_ioctl, DRM_UNLOCKED),
679 DRM_IOCTL_DEF(DRM_IOCTL_MODE_OBJ_SETPROPERTY, drm_mode_obj_set_property_ioctl, DRM_MASTER|DRM_UNLOCKED),
680 DRM_IOCTL_DEF(DRM_IOCTL_MODE_CURSOR2, drm_mode_cursor2_ioctl, DRM_MASTER|DRM_UNLOCKED),
681 DRM_IOCTL_DEF(DRM_IOCTL_MODE_ATOMIC, drm_mode_atomic_ioctl, DRM_MASTER|DRM_UNLOCKED),
682 DRM_IOCTL_DEF(DRM_IOCTL_MODE_CREATEPROPBLOB, drm_mode_createblob_ioctl, DRM_UNLOCKED),
683 DRM_IOCTL_DEF(DRM_IOCTL_MODE_DESTROYPROPBLOB, drm_mode_destroyblob_ioctl, DRM_UNLOCKED),
684
685 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_CREATE, drm_syncobj_create_ioctl,
686 DRM_UNLOCKED|DRM_RENDER_ALLOW),
687 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_DESTROY, drm_syncobj_destroy_ioctl,
688 DRM_UNLOCKED|DRM_RENDER_ALLOW),
689 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD, drm_syncobj_handle_to_fd_ioctl,
690 DRM_UNLOCKED|DRM_RENDER_ALLOW),
691 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE, drm_syncobj_fd_to_handle_ioctl,
692 DRM_UNLOCKED|DRM_RENDER_ALLOW),
693 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_TRANSFER, drm_syncobj_transfer_ioctl,
694 DRM_UNLOCKED|DRM_RENDER_ALLOW),
695 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_WAIT, drm_syncobj_wait_ioctl,
696 DRM_UNLOCKED|DRM_RENDER_ALLOW),
697 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT, drm_syncobj_timeline_wait_ioctl,
698 DRM_UNLOCKED|DRM_RENDER_ALLOW),
699 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_RESET, drm_syncobj_reset_ioctl,
700 DRM_UNLOCKED|DRM_RENDER_ALLOW),
701 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_SIGNAL, drm_syncobj_signal_ioctl,
702 DRM_UNLOCKED|DRM_RENDER_ALLOW),
703 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL, drm_syncobj_timeline_signal_ioctl,
704 DRM_UNLOCKED|DRM_RENDER_ALLOW),
705 DRM_IOCTL_DEF(DRM_IOCTL_SYNCOBJ_QUERY, drm_syncobj_query_ioctl,
706 DRM_UNLOCKED|DRM_RENDER_ALLOW),
707 DRM_IOCTL_DEF(DRM_IOCTL_CRTC_GET_SEQUENCE, drm_crtc_get_sequence_ioctl, DRM_UNLOCKED),
708 DRM_IOCTL_DEF(DRM_IOCTL_CRTC_QUEUE_SEQUENCE, drm_crtc_queue_sequence_ioctl, DRM_UNLOCKED),
709 DRM_IOCTL_DEF(DRM_IOCTL_MODE_CREATE_LEASE, drm_mode_create_lease_ioctl, DRM_MASTER|DRM_UNLOCKED),
710 DRM_IOCTL_DEF(DRM_IOCTL_MODE_LIST_LESSEES, drm_mode_list_lessees_ioctl, DRM_MASTER|DRM_UNLOCKED),
711 DRM_IOCTL_DEF(DRM_IOCTL_MODE_GET_LEASE, drm_mode_get_lease_ioctl, DRM_MASTER|DRM_UNLOCKED),
712 DRM_IOCTL_DEF(DRM_IOCTL_MODE_REVOKE_LEASE, drm_mode_revoke_lease_ioctl, DRM_MASTER|DRM_UNLOCKED),
713};
714
715#define DRM_CORE_IOCTL_COUNT ARRAY_SIZE( drm_ioctls )
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765long drm_ioctl_kernel(struct file *file, drm_ioctl_t *func, void *kdata,
766 u32 flags)
767{
768 struct drm_file *file_priv = file->private_data;
769 struct drm_device *dev = file_priv->minor->dev;
770 int retcode;
771
772 if (drm_dev_is_unplugged(dev))
773 return -ENODEV;
774
775 retcode = drm_ioctl_permit(flags, file_priv);
776 if (unlikely(retcode))
777 return retcode;
778
779
780 if (!drm_core_check_feature(dev, DRIVER_LEGACY) ||
781 (flags & DRM_UNLOCKED))
782 retcode = func(dev, kdata, file_priv);
783 else {
784 mutex_lock(&drm_global_mutex);
785 retcode = func(dev, kdata, file_priv);
786 mutex_unlock(&drm_global_mutex);
787 }
788 return retcode;
789}
790EXPORT_SYMBOL(drm_ioctl_kernel);
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805long drm_ioctl(struct file *filp,
806 unsigned int cmd, unsigned long arg)
807{
808 struct drm_file *file_priv = filp->private_data;
809 struct drm_device *dev;
810 const struct drm_ioctl_desc *ioctl = NULL;
811 drm_ioctl_t *func;
812 unsigned int nr = DRM_IOCTL_NR(cmd);
813 int retcode = -EINVAL;
814 char stack_kdata[128];
815 char *kdata = NULL;
816 unsigned int in_size, out_size, drv_size, ksize;
817 bool is_driver_ioctl;
818
819 dev = file_priv->minor->dev;
820
821 if (drm_dev_is_unplugged(dev))
822 return -ENODEV;
823
824 is_driver_ioctl = nr >= DRM_COMMAND_BASE && nr < DRM_COMMAND_END;
825
826 if (is_driver_ioctl) {
827
828 unsigned int index = nr - DRM_COMMAND_BASE;
829
830 if (index >= dev->driver->num_ioctls)
831 goto err_i1;
832 index = array_index_nospec(index, dev->driver->num_ioctls);
833 ioctl = &dev->driver->ioctls[index];
834 } else {
835
836 if (nr >= DRM_CORE_IOCTL_COUNT)
837 goto err_i1;
838 nr = array_index_nospec(nr, DRM_CORE_IOCTL_COUNT);
839 ioctl = &drm_ioctls[nr];
840 }
841
842 drv_size = _IOC_SIZE(ioctl->cmd);
843 out_size = in_size = _IOC_SIZE(cmd);
844 if ((cmd & ioctl->cmd & IOC_IN) == 0)
845 in_size = 0;
846 if ((cmd & ioctl->cmd & IOC_OUT) == 0)
847 out_size = 0;
848 ksize = max(max(in_size, out_size), drv_size);
849
850 DRM_DEBUG("pid=%d, dev=0x%lx, auth=%d, %s\n",
851 task_pid_nr(current),
852 (long)old_encode_dev(file_priv->minor->kdev->devt),
853 file_priv->authenticated, ioctl->name);
854
855
856 func = ioctl->func;
857
858 if (unlikely(!func)) {
859 DRM_DEBUG("no function\n");
860 retcode = -EINVAL;
861 goto err_i1;
862 }
863
864 if (ksize <= sizeof(stack_kdata)) {
865 kdata = stack_kdata;
866 } else {
867 kdata = kmalloc(ksize, GFP_KERNEL);
868 if (!kdata) {
869 retcode = -ENOMEM;
870 goto err_i1;
871 }
872 }
873
874 if (copy_from_user(kdata, (void __user *)arg, in_size) != 0) {
875 retcode = -EFAULT;
876 goto err_i1;
877 }
878
879 if (ksize > in_size)
880 memset(kdata + in_size, 0, ksize - in_size);
881
882 retcode = drm_ioctl_kernel(filp, func, kdata, ioctl->flags);
883 if (copy_to_user((void __user *)arg, kdata, out_size) != 0)
884 retcode = -EFAULT;
885
886 err_i1:
887 if (!ioctl)
888 DRM_DEBUG("invalid ioctl: pid=%d, dev=0x%lx, auth=%d, cmd=0x%02x, nr=0x%02x\n",
889 task_pid_nr(current),
890 (long)old_encode_dev(file_priv->minor->kdev->devt),
891 file_priv->authenticated, cmd, nr);
892
893 if (kdata != stack_kdata)
894 kfree(kdata);
895 if (retcode)
896 DRM_DEBUG("pid=%d, ret = %d\n", task_pid_nr(current), retcode);
897 return retcode;
898}
899EXPORT_SYMBOL(drm_ioctl);
900
901
902
903
904
905
906
907
908
909
910
911
912
913bool drm_ioctl_flags(unsigned int nr, unsigned int *flags)
914{
915 if (nr >= DRM_COMMAND_BASE && nr < DRM_COMMAND_END)
916 return false;
917
918 if (nr >= DRM_CORE_IOCTL_COUNT)
919 return false;
920 nr = array_index_nospec(nr, DRM_CORE_IOCTL_COUNT);
921
922 *flags = drm_ioctls[nr].flags;
923 return true;
924}
925EXPORT_SYMBOL(drm_ioctl_flags);
926