blob: 25f1d10155e8a3d6c0a9de590d9e14b2664508ba [file] [log] [blame]
Sam Ravnborgf5e706a2008-07-17 21:55:51 -07001/*
2 * uaccess.h: User space memore access functions.
3 *
4 * Copyright (C) 1996 David S. Miller (davem@caip.rutgers.edu)
5 * Copyright (C) 1996,1997 Jakub Jelinek (jj@sunsite.mff.cuni.cz)
6 */
7#ifndef _ASM_UACCESS_H
8#define _ASM_UACCESS_H
9
10#ifdef __KERNEL__
11#include <linux/compiler.h>
12#include <linux/sched.h>
13#include <linux/string.h>
14#include <linux/errno.h>
15#include <asm/vac-ops.h>
16#endif
17
18#ifndef __ASSEMBLY__
19
Rusty Russellad6561d2009-06-12 21:47:03 -060020#define ARCH_HAS_SORT_EXTABLE
21#define ARCH_HAS_SEARCH_EXTABLE
22
Sam Ravnborgf5e706a2008-07-17 21:55:51 -070023/* Sparc is not segmented, however we need to be able to fool access_ok()
24 * when doing system calls from kernel mode legitimately.
25 *
26 * "For historical reasons, these macros are grossly misnamed." -Linus
27 */
28
29#define KERNEL_DS ((mm_segment_t) { 0 })
30#define USER_DS ((mm_segment_t) { -1 })
31
32#define VERIFY_READ 0
33#define VERIFY_WRITE 1
34
35#define get_ds() (KERNEL_DS)
36#define get_fs() (current->thread.current_ds)
37#define set_fs(val) ((current->thread.current_ds) = (val))
38
39#define segment_eq(a,b) ((a).seg == (b).seg)
40
41/* We have there a nice not-mapped page at PAGE_OFFSET - PAGE_SIZE, so that this test
42 * can be fairly lightweight.
43 * No one can read/write anything from userland in the kernel space by setting
44 * large size and address near to PAGE_OFFSET - a fault will break his intentions.
45 */
46#define __user_ok(addr, size) ({ (void)(size); (addr) < STACK_TOP; })
47#define __kernel_ok (segment_eq(get_fs(), KERNEL_DS))
48#define __access_ok(addr,size) (__user_ok((addr) & get_fs().seg,(size)))
49#define access_ok(type, addr, size) \
50 ({ (void)(type); __access_ok((unsigned long)(addr), size); })
51
52/*
53 * The exception table consists of pairs of addresses: the first is the
54 * address of an instruction that is allowed to fault, and the second is
55 * the address at which the program should continue. No registers are
56 * modified, so it is entirely up to the continuation code to figure out
57 * what to do.
58 *
59 * All the routines below use bits of fixup code that are out of line
60 * with the main instruction path. This means when everything is well,
61 * we don't even have to jump over them. Further, they do not intrude
62 * on our cache or tlb entries.
63 *
64 * There is a special way how to put a range of potentially faulting
65 * insns (like twenty ldd/std's with now intervening other instructions)
66 * You specify address of first in insn and 0 in fixup and in the next
67 * exception_table_entry you specify last potentially faulting insn + 1
68 * and in fixup the routine which should handle the fault.
69 * That fixup code will get
70 * (faulting_insn_address - first_insn_in_the_range_address)/4
71 * in %g2 (ie. index of the faulting instruction in the range).
72 */
73
74struct exception_table_entry
75{
76 unsigned long insn, fixup;
77};
78
79/* Returns 0 if exception not found and fixup otherwise. */
80extern unsigned long search_extables_range(unsigned long addr, unsigned long *g2);
81
82extern void __ret_efault(void);
83
84/* Uh, these should become the main single-value transfer routines..
85 * They automatically use the right size if we just have the right
86 * pointer type..
87 *
88 * This gets kind of ugly. We want to return _two_ values in "get_user()"
89 * and yet we don't want to do any pointers, because that is too much
90 * of a performance impact. Thus we have a few rather ugly macros here,
91 * and hide all the ugliness from the user.
92 */
93#define put_user(x,ptr) ({ \
94unsigned long __pu_addr = (unsigned long)(ptr); \
95__chk_user_ptr(ptr); \
96__put_user_check((__typeof__(*(ptr)))(x),__pu_addr,sizeof(*(ptr))); })
97
98#define get_user(x,ptr) ({ \
99unsigned long __gu_addr = (unsigned long)(ptr); \
100__chk_user_ptr(ptr); \
101__get_user_check((x),__gu_addr,sizeof(*(ptr)),__typeof__(*(ptr))); })
102
103/*
104 * The "__xxx" versions do not do address space checking, useful when
105 * doing multiple accesses to the same area (the user has to do the
106 * checks by hand with "access_ok()")
107 */
108#define __put_user(x,ptr) __put_user_nocheck((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr)))
109#define __get_user(x,ptr) __get_user_nocheck((x),(ptr),sizeof(*(ptr)),__typeof__(*(ptr)))
110
111struct __large_struct { unsigned long buf[100]; };
112#define __m(x) ((struct __large_struct __user *)(x))
113
114#define __put_user_check(x,addr,size) ({ \
115register int __pu_ret; \
116if (__access_ok(addr,size)) { \
117switch (size) { \
118case 1: __put_user_asm(x,b,addr,__pu_ret); break; \
119case 2: __put_user_asm(x,h,addr,__pu_ret); break; \
120case 4: __put_user_asm(x,,addr,__pu_ret); break; \
121case 8: __put_user_asm(x,d,addr,__pu_ret); break; \
122default: __pu_ret = __put_user_bad(); break; \
123} } else { __pu_ret = -EFAULT; } __pu_ret; })
124
125#define __put_user_nocheck(x,addr,size) ({ \
126register int __pu_ret; \
127switch (size) { \
128case 1: __put_user_asm(x,b,addr,__pu_ret); break; \
129case 2: __put_user_asm(x,h,addr,__pu_ret); break; \
130case 4: __put_user_asm(x,,addr,__pu_ret); break; \
131case 8: __put_user_asm(x,d,addr,__pu_ret); break; \
132default: __pu_ret = __put_user_bad(); break; \
133} __pu_ret; })
134
135#define __put_user_asm(x,size,addr,ret) \
136__asm__ __volatile__( \
137 "/* Put user asm, inline. */\n" \
138"1:\t" "st"#size " %1, %2\n\t" \
139 "clr %0\n" \
140"2:\n\n\t" \
141 ".section .fixup,#alloc,#execinstr\n\t" \
142 ".align 4\n" \
143"3:\n\t" \
144 "b 2b\n\t" \
145 " mov %3, %0\n\t" \
146 ".previous\n\n\t" \
147 ".section __ex_table,#alloc\n\t" \
148 ".align 4\n\t" \
149 ".word 1b, 3b\n\t" \
150 ".previous\n\n\t" \
151 : "=&r" (ret) : "r" (x), "m" (*__m(addr)), \
152 "i" (-EFAULT))
153
154extern int __put_user_bad(void);
155
156#define __get_user_check(x,addr,size,type) ({ \
157register int __gu_ret; \
158register unsigned long __gu_val; \
159if (__access_ok(addr,size)) { \
160switch (size) { \
161case 1: __get_user_asm(__gu_val,ub,addr,__gu_ret); break; \
162case 2: __get_user_asm(__gu_val,uh,addr,__gu_ret); break; \
163case 4: __get_user_asm(__gu_val,,addr,__gu_ret); break; \
164case 8: __get_user_asm(__gu_val,d,addr,__gu_ret); break; \
165default: __gu_val = 0; __gu_ret = __get_user_bad(); break; \
166} } else { __gu_val = 0; __gu_ret = -EFAULT; } x = (type) __gu_val; __gu_ret; })
167
168#define __get_user_check_ret(x,addr,size,type,retval) ({ \
169register unsigned long __gu_val __asm__ ("l1"); \
170if (__access_ok(addr,size)) { \
171switch (size) { \
172case 1: __get_user_asm_ret(__gu_val,ub,addr,retval); break; \
173case 2: __get_user_asm_ret(__gu_val,uh,addr,retval); break; \
174case 4: __get_user_asm_ret(__gu_val,,addr,retval); break; \
175case 8: __get_user_asm_ret(__gu_val,d,addr,retval); break; \
176default: if (__get_user_bad()) return retval; \
177} x = (type) __gu_val; } else return retval; })
178
179#define __get_user_nocheck(x,addr,size,type) ({ \
180register int __gu_ret; \
181register unsigned long __gu_val; \
182switch (size) { \
183case 1: __get_user_asm(__gu_val,ub,addr,__gu_ret); break; \
184case 2: __get_user_asm(__gu_val,uh,addr,__gu_ret); break; \
185case 4: __get_user_asm(__gu_val,,addr,__gu_ret); break; \
186case 8: __get_user_asm(__gu_val,d,addr,__gu_ret); break; \
187default: __gu_val = 0; __gu_ret = __get_user_bad(); break; \
188} x = (type) __gu_val; __gu_ret; })
189
190#define __get_user_nocheck_ret(x,addr,size,type,retval) ({ \
191register unsigned long __gu_val __asm__ ("l1"); \
192switch (size) { \
193case 1: __get_user_asm_ret(__gu_val,ub,addr,retval); break; \
194case 2: __get_user_asm_ret(__gu_val,uh,addr,retval); break; \
195case 4: __get_user_asm_ret(__gu_val,,addr,retval); break; \
196case 8: __get_user_asm_ret(__gu_val,d,addr,retval); break; \
197default: if (__get_user_bad()) return retval; \
198} x = (type) __gu_val; })
199
200#define __get_user_asm(x,size,addr,ret) \
201__asm__ __volatile__( \
202 "/* Get user asm, inline. */\n" \
203"1:\t" "ld"#size " %2, %1\n\t" \
204 "clr %0\n" \
205"2:\n\n\t" \
206 ".section .fixup,#alloc,#execinstr\n\t" \
207 ".align 4\n" \
208"3:\n\t" \
209 "clr %1\n\t" \
210 "b 2b\n\t" \
211 " mov %3, %0\n\n\t" \
212 ".previous\n\t" \
213 ".section __ex_table,#alloc\n\t" \
214 ".align 4\n\t" \
215 ".word 1b, 3b\n\n\t" \
216 ".previous\n\t" \
217 : "=&r" (ret), "=&r" (x) : "m" (*__m(addr)), \
218 "i" (-EFAULT))
219
220#define __get_user_asm_ret(x,size,addr,retval) \
221if (__builtin_constant_p(retval) && retval == -EFAULT) \
222__asm__ __volatile__( \
223 "/* Get user asm ret, inline. */\n" \
224"1:\t" "ld"#size " %1, %0\n\n\t" \
225 ".section __ex_table,#alloc\n\t" \
226 ".align 4\n\t" \
227 ".word 1b,__ret_efault\n\n\t" \
228 ".previous\n\t" \
229 : "=&r" (x) : "m" (*__m(addr))); \
230else \
231__asm__ __volatile__( \
232 "/* Get user asm ret, inline. */\n" \
233"1:\t" "ld"#size " %1, %0\n\n\t" \
234 ".section .fixup,#alloc,#execinstr\n\t" \
235 ".align 4\n" \
236"3:\n\t" \
237 "ret\n\t" \
238 " restore %%g0, %2, %%o0\n\n\t" \
239 ".previous\n\t" \
240 ".section __ex_table,#alloc\n\t" \
241 ".align 4\n\t" \
242 ".word 1b, 3b\n\n\t" \
243 ".previous\n\t" \
244 : "=&r" (x) : "m" (*__m(addr)), "i" (retval))
245
246extern int __get_user_bad(void);
247
248extern unsigned long __copy_user(void __user *to, const void __user *from, unsigned long size);
249
250static inline unsigned long copy_to_user(void __user *to, const void *from, unsigned long n)
251{
252 if (n && __access_ok((unsigned long) to, n))
253 return __copy_user(to, (__force void __user *) from, n);
254 else
255 return n;
256}
257
258static inline unsigned long __copy_to_user(void __user *to, const void *from, unsigned long n)
259{
260 return __copy_user(to, (__force void __user *) from, n);
261}
262
David S. Millerfb340352009-12-10 23:05:23 -0800263extern void copy_from_user_overflow(void)
264#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
265 __compiletime_error("copy_from_user() buffer size is not provably correct")
266#else
267 __compiletime_warning("copy_from_user() buffer size is not provably correct")
268#endif
269;
270
Sam Ravnborgf5e706a2008-07-17 21:55:51 -0700271static inline unsigned long copy_from_user(void *to, const void __user *from, unsigned long n)
272{
David S. Millerfb340352009-12-10 23:05:23 -0800273 int sz = __compiletime_object_size(to);
274
275 if (unlikely(sz != -1 && sz < n)) {
276 copy_from_user_overflow();
Heiko Carstens6df1c172010-01-05 20:41:48 -0800277 return n;
David S. Millerfb340352009-12-10 23:05:23 -0800278 }
279
Sam Ravnborgf5e706a2008-07-17 21:55:51 -0700280 if (n && __access_ok((unsigned long) from, n))
281 return __copy_user((__force void __user *) to, from, n);
282 else
283 return n;
284}
285
286static inline unsigned long __copy_from_user(void *to, const void __user *from, unsigned long n)
287{
288 return __copy_user((__force void __user *) to, from, n);
289}
290
291#define __copy_to_user_inatomic __copy_to_user
292#define __copy_from_user_inatomic __copy_from_user
293
294static inline unsigned long __clear_user(void __user *addr, unsigned long size)
295{
296 unsigned long ret;
297
298 __asm__ __volatile__ (
299 ".section __ex_table,#alloc\n\t"
300 ".align 4\n\t"
301 ".word 1f,3\n\t"
302 ".previous\n\t"
303 "mov %2, %%o1\n"
304 "1:\n\t"
305 "call __bzero\n\t"
306 " mov %1, %%o0\n\t"
307 "mov %%o0, %0\n"
308 : "=r" (ret) : "r" (addr), "r" (size) :
309 "o0", "o1", "o2", "o3", "o4", "o5", "o7",
310 "g1", "g2", "g3", "g4", "g5", "g7", "cc");
311
312 return ret;
313}
314
315static inline unsigned long clear_user(void __user *addr, unsigned long n)
316{
317 if (n && __access_ok((unsigned long) addr, n))
318 return __clear_user(addr, n);
319 else
320 return n;
321}
322
323extern long __strncpy_from_user(char *dest, const char __user *src, long count);
324
325static inline long strncpy_from_user(char *dest, const char __user *src, long count)
326{
327 if (__access_ok((unsigned long) src, count))
328 return __strncpy_from_user(dest, src, count);
329 else
330 return -EFAULT;
331}
332
333extern long __strlen_user(const char __user *);
334extern long __strnlen_user(const char __user *, long len);
335
336static inline long strlen_user(const char __user *str)
337{
338 if (!access_ok(VERIFY_READ, str, 0))
339 return 0;
340 else
341 return __strlen_user(str);
342}
343
344static inline long strnlen_user(const char __user *str, long len)
345{
346 if (!access_ok(VERIFY_READ, str, 0))
347 return 0;
348 else
349 return __strnlen_user(str, len);
350}
351
352#endif /* __ASSEMBLY__ */
353
354#endif /* _ASM_UACCESS_H */