blob: 2d9ea11f919ad2a1565091d3b861da2d2da09de5 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * include/asm-s390/uaccess.h
3 *
4 * S390 version
5 * Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
6 * Author(s): Hartmut Penner (hp@de.ibm.com),
7 * Martin Schwidefsky (schwidefsky@de.ibm.com)
8 *
9 * Derived from "include/asm-i386/uaccess.h"
10 */
11#ifndef __S390_UACCESS_H
12#define __S390_UACCESS_H
13
14/*
15 * User space memory access functions
16 */
17#include <linux/sched.h>
18#include <linux/errno.h>
19
20#define VERIFY_READ 0
21#define VERIFY_WRITE 1
22
23
24/*
25 * The fs value determines whether argument validity checking should be
26 * performed or not. If get_fs() == USER_DS, checking is performed, with
27 * get_fs() == KERNEL_DS, checking is bypassed.
28 *
29 * For historical reasons, these macros are grossly misnamed.
30 */
31
32#define MAKE_MM_SEG(a) ((mm_segment_t) { (a) })
33
34
35#define KERNEL_DS MAKE_MM_SEG(0)
36#define USER_DS MAKE_MM_SEG(1)
37
38#define get_ds() (KERNEL_DS)
39#define get_fs() (current->thread.mm_segment)
40
Linus Torvalds1da177e2005-04-16 15:20:36 -070041#define set_fs(x) \
42({ \
43 unsigned long __pto; \
44 current->thread.mm_segment = (x); \
45 __pto = current->thread.mm_segment.ar4 ? \
46 S390_lowcore.user_asce : S390_lowcore.kernel_asce; \
Martin Schwidefsky94c12cc2006-09-28 16:56:43 +020047 __ctl_load(__pto, 7, 7); \
Linus Torvalds1da177e2005-04-16 15:20:36 -070048})
Linus Torvalds1da177e2005-04-16 15:20:36 -070049
50#define segment_eq(a,b) ((a).ar4 == (b).ar4)
51
52
Al Viro793af242006-02-01 06:55:59 -050053static inline int __access_ok(const void __user *addr, unsigned long size)
Martin Schwidefskya63a4932006-01-06 00:19:09 -080054{
55 return 1;
56}
Linus Torvalds1da177e2005-04-16 15:20:36 -070057#define access_ok(type,addr,size) __access_ok(addr,size)
58
Linus Torvalds1da177e2005-04-16 15:20:36 -070059/*
60 * The exception table consists of pairs of addresses: the first is the
61 * address of an instruction that is allowed to fault, and the second is
62 * the address at which the program should continue. No registers are
63 * modified, so it is entirely up to the continuation code to figure out
64 * what to do.
65 *
66 * All the routines below use bits of fixup code that are out of line
67 * with the main instruction path. This means when everything is well,
68 * we don't even have to jump over them. Further, they do not intrude
69 * on our cache or tlb entries.
70 */
71
72struct exception_table_entry
73{
74 unsigned long insn, fixup;
75};
76
Gerald Schaeferd02765d2006-09-20 15:59:42 +020077struct uaccess_ops {
78 size_t (*copy_from_user)(size_t, const void __user *, void *);
79 size_t (*copy_from_user_small)(size_t, const void __user *, void *);
80 size_t (*copy_to_user)(size_t, void __user *, const void *);
81 size_t (*copy_to_user_small)(size_t, void __user *, const void *);
82 size_t (*copy_in_user)(size_t, void __user *, const void __user *);
83 size_t (*clear_user)(size_t, void __user *);
84 size_t (*strnlen_user)(size_t, const char __user *);
85 size_t (*strncpy_from_user)(size_t, const char __user *, char *);
Michel Lespinasse8d7718a2011-03-10 18:50:58 -080086 int (*futex_atomic_op)(int op, u32 __user *, int oparg, int *old);
87 int (*futex_atomic_cmpxchg)(u32 *, u32 __user *, u32 old, u32 new);
Gerald Schaeferd02765d2006-09-20 15:59:42 +020088};
89
90extern struct uaccess_ops uaccess;
91extern struct uaccess_ops uaccess_std;
Gerald Schaefer6c2a9e62006-09-20 15:59:44 +020092extern struct uaccess_ops uaccess_mvcos;
Gerald Schaeferc1821c22007-02-05 21:18:17 +010093extern struct uaccess_ops uaccess_mvcos_switch;
94extern struct uaccess_ops uaccess_pt;
Gerald Schaeferd02765d2006-09-20 15:59:42 +020095
Gerald Schaefer6c1e3e72009-12-07 12:51:47 +010096extern int __handle_fault(unsigned long, unsigned long, int);
97
Gerald Schaeferd02765d2006-09-20 15:59:42 +020098static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
99{
100 size = uaccess.copy_to_user_small(size, ptr, x);
101 return size ? -EFAULT : size;
102}
103
104static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
105{
106 size = uaccess.copy_from_user_small(size, ptr, x);
107 return size ? -EFAULT : size;
108}
Linus Torvalds1da177e2005-04-16 15:20:36 -0700109
110/*
111 * These are the main single-value transfer routines. They automatically
112 * use the right size if we just have the right pointer type.
113 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700114#define __put_user(x, ptr) \
115({ \
116 __typeof__(*(ptr)) __x = (x); \
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200117 int __pu_err = -EFAULT; \
Al Viro17566c32005-08-23 22:48:22 +0100118 __chk_user_ptr(ptr); \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700119 switch (sizeof (*(ptr))) { \
120 case 1: \
121 case 2: \
122 case 4: \
123 case 8: \
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200124 __pu_err = __put_user_fn(sizeof (*(ptr)), \
125 ptr, &__x); \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700126 break; \
127 default: \
128 __put_user_bad(); \
129 break; \
130 } \
131 __pu_err; \
132})
Linus Torvalds1da177e2005-04-16 15:20:36 -0700133
134#define put_user(x, ptr) \
135({ \
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200136 might_fault(); \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700137 __put_user(x, ptr); \
138})
139
140
141extern int __put_user_bad(void) __attribute__((noreturn));
142
Linus Torvalds1da177e2005-04-16 15:20:36 -0700143#define __get_user(x, ptr) \
144({ \
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200145 int __gu_err = -EFAULT; \
146 __chk_user_ptr(ptr); \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700147 switch (sizeof(*(ptr))) { \
Martin Schwidefsky1047aa72005-11-07 00:59:11 -0800148 case 1: { \
149 unsigned char __x; \
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200150 __gu_err = __get_user_fn(sizeof (*(ptr)), \
151 ptr, &__x); \
Al Viro97fa5a62006-02-03 20:11:52 -0500152 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700153 break; \
Martin Schwidefsky1047aa72005-11-07 00:59:11 -0800154 }; \
155 case 2: { \
156 unsigned short __x; \
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200157 __gu_err = __get_user_fn(sizeof (*(ptr)), \
158 ptr, &__x); \
Al Viro97fa5a62006-02-03 20:11:52 -0500159 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
Martin Schwidefsky1047aa72005-11-07 00:59:11 -0800160 break; \
161 }; \
162 case 4: { \
163 unsigned int __x; \
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200164 __gu_err = __get_user_fn(sizeof (*(ptr)), \
165 ptr, &__x); \
Al Viro97fa5a62006-02-03 20:11:52 -0500166 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
Martin Schwidefsky1047aa72005-11-07 00:59:11 -0800167 break; \
168 }; \
169 case 8: { \
170 unsigned long long __x; \
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200171 __gu_err = __get_user_fn(sizeof (*(ptr)), \
172 ptr, &__x); \
Al Viro97fa5a62006-02-03 20:11:52 -0500173 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
Martin Schwidefsky1047aa72005-11-07 00:59:11 -0800174 break; \
175 }; \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700176 default: \
177 __get_user_bad(); \
178 break; \
179 } \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700180 __gu_err; \
181})
Linus Torvalds1da177e2005-04-16 15:20:36 -0700182
183#define get_user(x, ptr) \
184({ \
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200185 might_fault(); \
Linus Torvalds1da177e2005-04-16 15:20:36 -0700186 __get_user(x, ptr); \
187})
188
189extern int __get_user_bad(void) __attribute__((noreturn));
190
191#define __put_user_unaligned __put_user
192#define __get_user_unaligned __get_user
193
Linus Torvalds1da177e2005-04-16 15:20:36 -0700194/**
195 * __copy_to_user: - Copy a block of data into user space, with less checking.
196 * @to: Destination address, in user space.
197 * @from: Source address, in kernel space.
198 * @n: Number of bytes to copy.
199 *
200 * Context: User context only. This function may sleep.
201 *
202 * Copy data from kernel space to user space. Caller must check
203 * the specified block with access_ok() before calling this function.
204 *
205 * Returns number of bytes that could not be copied.
206 * On success, this will be zero.
207 */
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100208static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700209__copy_to_user(void __user *to, const void *from, unsigned long n)
210{
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200211 if (__builtin_constant_p(n) && (n <= 256))
212 return uaccess.copy_to_user_small(n, to, from);
213 else
214 return uaccess.copy_to_user(n, to, from);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700215}
216
217#define __copy_to_user_inatomic __copy_to_user
218#define __copy_from_user_inatomic __copy_from_user
219
220/**
221 * copy_to_user: - Copy a block of data into user space.
222 * @to: Destination address, in user space.
223 * @from: Source address, in kernel space.
224 * @n: Number of bytes to copy.
225 *
226 * Context: User context only. This function may sleep.
227 *
228 * Copy data from kernel space to user space.
229 *
230 * Returns number of bytes that could not be copied.
231 * On success, this will be zero.
232 */
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100233static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700234copy_to_user(void __user *to, const void *from, unsigned long n)
235{
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200236 might_fault();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700237 if (access_ok(VERIFY_WRITE, to, n))
238 n = __copy_to_user(to, from, n);
239 return n;
240}
241
Linus Torvalds1da177e2005-04-16 15:20:36 -0700242/**
243 * __copy_from_user: - Copy a block of data from user space, with less checking.
244 * @to: Destination address, in kernel space.
245 * @from: Source address, in user space.
246 * @n: Number of bytes to copy.
247 *
248 * Context: User context only. This function may sleep.
249 *
250 * Copy data from user space to kernel space. Caller must check
251 * the specified block with access_ok() before calling this function.
252 *
253 * Returns number of bytes that could not be copied.
254 * On success, this will be zero.
255 *
256 * If some data could not be copied, this function will pad the copied
257 * data to the requested size using zero bytes.
258 */
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100259static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700260__copy_from_user(void *to, const void __user *from, unsigned long n)
261{
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200262 if (__builtin_constant_p(n) && (n <= 256))
263 return uaccess.copy_from_user_small(n, from, to);
264 else
265 return uaccess.copy_from_user(n, from, to);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700266}
267
Heiko Carstens1dcec252010-02-26 22:37:22 +0100268extern void copy_from_user_overflow(void)
269#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
270__compiletime_warning("copy_from_user() buffer size is not provably correct")
271#endif
272;
273
Linus Torvalds1da177e2005-04-16 15:20:36 -0700274/**
275 * copy_from_user: - Copy a block of data from user space.
276 * @to: Destination address, in kernel space.
277 * @from: Source address, in user space.
278 * @n: Number of bytes to copy.
279 *
280 * Context: User context only. This function may sleep.
281 *
282 * Copy data from user space to kernel space.
283 *
284 * Returns number of bytes that could not be copied.
285 * On success, this will be zero.
286 *
287 * If some data could not be copied, this function will pad the copied
288 * data to the requested size using zero bytes.
289 */
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100290static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700291copy_from_user(void *to, const void __user *from, unsigned long n)
292{
Heiko Carstens1dcec252010-02-26 22:37:22 +0100293 unsigned int sz = __compiletime_object_size(to);
294
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200295 might_fault();
Heiko Carstens1dcec252010-02-26 22:37:22 +0100296 if (unlikely(sz != -1 && sz < n)) {
297 copy_from_user_overflow();
298 return n;
299 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700300 if (access_ok(VERIFY_READ, from, n))
301 n = __copy_from_user(to, from, n);
302 else
303 memset(to, 0, n);
304 return n;
305}
306
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100307static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700308__copy_in_user(void __user *to, const void __user *from, unsigned long n)
309{
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200310 return uaccess.copy_in_user(n, to, from);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700311}
312
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100313static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700314copy_in_user(void __user *to, const void __user *from, unsigned long n)
315{
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200316 might_fault();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700317 if (__access_ok(from,n) && __access_ok(to,n))
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200318 n = __copy_in_user(to, from, n);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700319 return n;
320}
321
322/*
323 * Copy a null terminated string from userspace.
324 */
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100325static inline long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700326strncpy_from_user(char *dst, const char __user *src, long count)
327{
328 long res = -EFAULT;
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200329 might_fault();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700330 if (access_ok(VERIFY_READ, src, 1))
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200331 res = uaccess.strncpy_from_user(count, src, dst);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700332 return res;
333}
334
Linus Torvalds1da177e2005-04-16 15:20:36 -0700335static inline unsigned long
336strnlen_user(const char __user * src, unsigned long n)
337{
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200338 might_fault();
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200339 return uaccess.strnlen_user(n, src);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700340}
341
342/**
343 * strlen_user: - Get the size of a string in user space.
344 * @str: The string to measure.
345 *
346 * Context: User context only. This function may sleep.
347 *
348 * Get the size of a NUL-terminated string in user space.
349 *
350 * Returns the size of the string INCLUDING the terminating NUL.
351 * On exception, returns 0.
352 *
353 * If there is a limit on the length of a valid string, you may wish to
354 * consider using strnlen_user() instead.
355 */
356#define strlen_user(str) strnlen_user(str, ~0UL)
357
358/*
359 * Zero Userspace
360 */
361
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100362static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700363__clear_user(void __user *to, unsigned long n)
364{
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200365 return uaccess.clear_user(n, to);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700366}
367
Heiko Carstensf7675ad2006-12-04 15:39:55 +0100368static inline unsigned long __must_check
Linus Torvalds1da177e2005-04-16 15:20:36 -0700369clear_user(void __user *to, unsigned long n)
370{
Heiko Carstensdab4079d2009-06-12 10:26:32 +0200371 might_fault();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700372 if (access_ok(VERIFY_WRITE, to, n))
Gerald Schaeferd02765d2006-09-20 15:59:42 +0200373 n = uaccess.clear_user(n, to);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700374 return n;
375}
376
377#endif /* __S390_UACCESS_H */