[deliverable/linux.git] / include / asm-generic / uaccess.h

#ifndef __ASM_GENERIC_UACCESS_H
#define __ASM_GENERIC_UACCESS_H

/*
 * User space memory access functions, these should work
 * on any machine that has kernel and user data in the same
 * address space, e.g. all NOMMU machines.
 */
#include <linux/sched.h>
#include <linux/string.h>

#include <asm/segment.h>

#define MAKE_MM_SEG(s)	((mm_segment_t) { (s) })

#ifndef KERNEL_DS
#define KERNEL_DS	MAKE_MM_SEG(~0UL)
#endif

#ifndef USER_DS
#define USER_DS		MAKE_MM_SEG(TASK_SIZE - 1)
#endif

#ifndef get_fs
#define get_ds()	(KERNEL_DS)
#define get_fs()	(current_thread_info()->addr_limit)

static inline void set_fs(mm_segment_t fs)
{
	current_thread_info()->addr_limit = fs;
}
#endif

#ifndef segment_eq
#define segment_eq(a, b) ((a).seg == (b).seg)
#endif

#define VERIFY_READ	0
#define VERIFY_WRITE	1

#define access_ok(type, addr, size) __access_ok((unsigned long)(addr),(size))

/*
 * The architecture should really override this if possible, at least
 * doing a check on the get_fs()
 */
#ifndef __access_ok
static inline int __access_ok(unsigned long addr, unsigned long size)
{
	return 1;
}
#endif

/*
 * The exception table consists of pairs of addresses: the first is the
 * address of an instruction that is allowed to fault, and the second is
 * the address at which the program should continue.  No registers are
 * modified, so it is entirely up to the continuation code to figure out
 * what to do.
 *
 * All the routines below use bits of fixup code that are out of line
 * with the main instruction path.  This means when everything is well,
 * we don't even have to jump over them.  Further, they do not intrude
 * on our cache or tlb entries.
 */

struct exception_table_entry
{
	unsigned long insn, fixup;
};

/* Returns 0 if exception not found and fixup otherwise.  */
extern unsigned long search_exception_table(unsigned long);


/*
 * architectures with an MMU should override these two
 */
#ifndef __copy_from_user
static inline __must_check long __copy_from_user(void *to,
		const void __user * from, unsigned long n)
{
	if (__builtin_constant_p(n)) {
		switch(n) {
		case 1:
			*(u8 *)to = *(u8 __force *)from;
			return 0;
		case 2:
			*(u16 *)to = *(u16 __force *)from;
			return 0;
		case 4:
			*(u32 *)to = *(u32 __force *)from;
			return 0;
#ifdef CONFIG_64BIT
		case 8:
			*(u64 *)to = *(u64 __force *)from;
			return 0;
#endif
		default:
			break;
		}
	}

	memcpy(to, (const void __force *)from, n);
	return 0;
}
#endif

#ifndef __copy_to_user
static inline __must_check long __copy_to_user(void __user *to,
		const void *from, unsigned long n)
{
	if (__builtin_constant_p(n)) {
		switch(n) {
		case 1:
			*(u8 __force *)to = *(u8 *)from;
			return 0;
		case 2:
			*(u16 __force *)to = *(u16 *)from;
			return 0;
		case 4:
			*(u32 __force *)to = *(u32 *)from;
			return 0;
#ifdef CONFIG_64BIT
		case 8:
			*(u64 __force *)to = *(u64 *)from;
			return 0;
#endif
		default:
			break;
		}
	}

	memcpy((void __force *)to, from, n);
	return 0;
}
#endif

/*
 * These are the main single-value transfer routines.  They automatically
 * use the right size if we just have the right pointer type.
 * This version just falls back to copy_{from,to}_user, which should
 * provide a fast-path for small values.
 */
#define __put_user(x, ptr) \
({								\
	__typeof__(*(ptr)) __x = (x);				\
	int __pu_err = -EFAULT;					\
        __chk_user_ptr(ptr);                                    \
	switch (sizeof (*(ptr))) {				\
	case 1:							\
	case 2:							\
	case 4:							\
	case 8:							\
		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		break;						\
	default:						\
		__put_user_bad();				\
		break;						\
	 }							\
	__pu_err;						\
})

#define put_user(x, ptr)					\
({								\
	void *__p = (ptr);					\
	might_fault();						\
	access_ok(VERIFY_WRITE, __p, sizeof(*ptr)) ?		\
		__put_user((x), ((__typeof__(*(ptr)) *)__p)) :	\
		-EFAULT;					\
})

#ifndef __put_user_fn

static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
{
	size = __copy_to_user(ptr, x, size);
	return size ? -EFAULT : size;
}

#define __put_user_fn(sz, u, k)	__put_user_fn(sz, u, k)

#endif

extern int __put_user_bad(void) __attribute__((noreturn));

#define __get_user(x, ptr)					\
({								\
	int __gu_err = -EFAULT;					\
	__chk_user_ptr(ptr);					\
	switch (sizeof(*(ptr))) {				\
	case 1: {						\
		unsigned char __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 2: {						\
		unsigned short __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 4: {						\
		unsigned int __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 8: {						\
		unsigned long long __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	default:						\
		__get_user_bad();				\
		break;						\
	}							\
	__gu_err;						\
})

#define get_user(x, ptr)					\
({								\
	const void *__p = (ptr);				\
	might_fault();						\
	access_ok(VERIFY_READ, __p, sizeof(*ptr)) ?		\
		__get_user((x), (__typeof__(*(ptr)) *)__p) :	\
		-EFAULT;					\
})

#ifndef __get_user_fn
static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
{
	size = __copy_from_user(x, ptr, size);
	return size ? -EFAULT : size;
}

#define __get_user_fn(sz, u, k)	__get_user_fn(sz, u, k)

#endif

extern int __get_user_bad(void) __attribute__((noreturn));

#ifndef __copy_from_user_inatomic
#define __copy_from_user_inatomic __copy_from_user
#endif

#ifndef __copy_to_user_inatomic
#define __copy_to_user_inatomic __copy_to_user
#endif

static inline long copy_from_user(void *to,
		const void __user * from, unsigned long n)
{
	might_fault();
	if (access_ok(VERIFY_READ, from, n))
		return __copy_from_user(to, from, n);
	else
		return n;
}

static inline long copy_to_user(void __user *to,
		const void *from, unsigned long n)
{
	might_fault();
	if (access_ok(VERIFY_WRITE, to, n))
		return __copy_to_user(to, from, n);
	else
		return n;
}

/*
 * Copy a null terminated string from userspace.
 */
#ifndef __strncpy_from_user
static inline long
__strncpy_from_user(char *dst, const char __user *src, long count)
{
	char *tmp;
	strncpy(dst, (const char __force *)src, count);
	for (tmp = dst; *tmp && count > 0; tmp++, count--)
		;
	return (tmp - dst);
}
#endif

static inline long
strncpy_from_user(char *dst, const char __user *src, long count)
{
	if (!access_ok(VERIFY_READ, src, 1))
		return -EFAULT;
	return __strncpy_from_user(dst, src, count);
}

/*
 * Return the size of a string (including the ending 0)
 *
 * Return 0 on exception, a value greater than N if too long
 */
#ifndef __strnlen_user
#define __strnlen_user(s, n) (strnlen((s), (n)) + 1)
#endif

/*
 * Unlike strnlen, strnlen_user includes the nul terminator in
 * its returned count. Callers should check for a returned value
 * greater than N as an indication the string is too long.
 */
static inline long strnlen_user(const char __user *src, long n)
{
	if (!access_ok(VERIFY_READ, src, 1))
		return 0;
	return __strnlen_user(src, n);
}

static inline long strlen_user(const char __user *src)
{
	return strnlen_user(src, 32767);
}

/*
 * Zero Userspace
 */
#ifndef __clear_user
static inline __must_check unsigned long
__clear_user(void __user *to, unsigned long n)
{
	memset((void __force *)to, 0, n);
	return 0;
}
#endif

static inline __must_check unsigned long
clear_user(void __user *to, unsigned long n)
{
	might_fault();
	if (!access_ok(VERIFY_WRITE, to, n))
		return n;

	return __clear_user(to, n);
}

#endif /* __ASM_GENERIC_UACCESS_H */
Commit	Line	Data
eed417dd AB	1	#ifndef __ASM_GENERIC_UACCESS_H
	2	#define __ASM_GENERIC_UACCESS_H
	3
	4	/*
	5	* User space memory access functions, these should work
0a4a6647	6	* on any machine that has kernel and user data in the same
eed417dd AB	7	* address space, e.g. all NOMMU machines.
	8	*/
	9	#include <linux/sched.h>
eed417dd AB	10	#include <linux/string.h>
	11
	12	#include <asm/segment.h>
	13
	14	#define MAKE_MM_SEG(s) ((mm_segment_t) { (s) })
	15
	16	#ifndef KERNEL_DS
	17	#define KERNEL_DS MAKE_MM_SEG(~0UL)
	18	#endif
	19
	20	#ifndef USER_DS
	21	#define USER_DS MAKE_MM_SEG(TASK_SIZE - 1)
	22	#endif
	23
	24	#ifndef get_fs
	25	#define get_ds() (KERNEL_DS)
	26	#define get_fs() (current_thread_info()->addr_limit)
	27
	28	static inline void set_fs(mm_segment_t fs)
	29	{
	30	current_thread_info()->addr_limit = fs;
	31	}
	32	#endif
	33
10a6007b	34	#ifndef segment_eq
eed417dd	35	#define segment_eq(a, b) ((a).seg == (b).seg)
10a6007b	36	#endif
eed417dd AB	37
	38	#define VERIFY_READ 0
	39	#define VERIFY_WRITE 1
	40
	41	#define access_ok(type, addr, size) __access_ok((unsigned long)(addr),(size))
	42
	43	/*
	44	* The architecture should really override this if possible, at least
	45	* doing a check on the get_fs()
	46	*/
	47	#ifndef __access_ok
	48	static inline int __access_ok(unsigned long addr, unsigned long size)
	49	{
	50	return 1;
	51	}
	52	#endif
	53
	54	/*
	55	* The exception table consists of pairs of addresses: the first is the
	56	* address of an instruction that is allowed to fault, and the second is
	57	* the address at which the program should continue. No registers are
	58	* modified, so it is entirely up to the continuation code to figure out
	59	* what to do.
	60	*
	61	* All the routines below use bits of fixup code that are out of line
	62	* with the main instruction path. This means when everything is well,
	63	* we don't even have to jump over them. Further, they do not intrude
	64	* on our cache or tlb entries.
	65	*/
	66
	67	struct exception_table_entry
	68	{
	69	unsigned long insn, fixup;
	70	};
	71
	72	/* Returns 0 if exception not found and fixup otherwise. */
	73	extern unsigned long search_exception_table(unsigned long);
	74
0d025d27	75
eed417dd AB	76	/*
	77	* architectures with an MMU should override these two
	78	*/
	79	#ifndef __copy_from_user
	80	static inline __must_check long __copy_from_user(void *to,
	81	const void __user * from, unsigned long n)
	82	{
	83	if (__builtin_constant_p(n)) {
	84	switch(n) {
	85	case 1:
	86	(u8 )to = (u8 __force )from;
	87	return 0;
	88	case 2:
	89	(u16 )to = (u16 __force )from;
	90	return 0;
	91	case 4:
	92	(u32 )to = (u32 __force )from;
	93	return 0;
	94	#ifdef CONFIG_64BIT
	95	case 8:
	96	(u64 )to = (u64 __force )from;
	97	return 0;
	98	#endif
	99	default:
	100	break;
	101	}
	102	}
	103
	104	memcpy(to, (const void __force *)from, n);
	105	return 0;
	106	}
	107	#endif
	108
	109	#ifndef __copy_to_user
	110	static inline __must_check long __copy_to_user(void __user *to,
	111	const void *from, unsigned long n)
	112	{
	113	if (__builtin_constant_p(n)) {
	114	switch(n) {
	115	case 1:
	116	(u8 __force )to = (u8 )from;
	117	return 0;
	118	case 2:
	119	(u16 __force )to = (u16 )from;
	120	return 0;
	121	case 4:
	122	(u32 __force )to = (u32 )from;
	123	return 0;
	124	#ifdef CONFIG_64BIT
	125	case 8:
	126	(u64 __force )to = (u64 )from;
	127	return 0;
	128	#endif
	129	default:
	130	break;
	131	}
	132	}
	133
	134	memcpy((void __force *)to, from, n);
	135	return 0;
	136	}
	137	#endif
	138
	139	/*
140	* These are the main single-value transfer routines. They automatically
141	* use the right size if we just have the right pointer type.
142	* This version just falls back to copy_{from,to}_user, which should
143	* provide a fast-path for small values.
144	*/
145	#define __put_user(x, ptr) \
146	({ \
147	__typeof__(*(ptr)) __x = (x); \
148	int __pu_err = -EFAULT; \
149	__chk_user_ptr(ptr); \
150	switch (sizeof (*(ptr))) { \
151	case 1: \
152	case 2: \
153	case 4: \
154	case 8: \
155	__pu_err = __put_user_fn(sizeof (*(ptr)), \
156	ptr, &__x); \
157	break; \
158	default: \
159	__put_user_bad(); \
160	break; \
161	} \
162	__pu_err; \
163	})
164
165	#define put_user(x, ptr) \
166	({ \
a02613a4	167	void *__p = (ptr); \
e0acd0bd	168	might_fault(); \
a02613a4 YS	169	access_ok(VERIFY_WRITE, __p, sizeof(*ptr)) ? \
a02613a4 YS	170	__put_user((x), ((__typeof__((ptr)) )__p)) : \
eed417dd AB	171	-EFAULT; \
	172	})
	173
05d88a49 VG	174	#ifndef __put_user_fn
05d88a49 VG	175
eed417dd AB	176	static inline int __put_user_fn(size_t size, void __user ptr, void x)
	177	{
	178	size = __copy_to_user(ptr, x, size);
	179	return size ? -EFAULT : size;
	180	}
	181
05d88a49 VG	182	#define __put_user_fn(sz, u, k) __put_user_fn(sz, u, k)
	183
	184	#endif
	185
eed417dd AB	186	extern int __put_user_bad(void) __attribute__((noreturn));
	187
	188	#define __get_user(x, ptr) \
	189	({ \
	190	int __gu_err = -EFAULT; \
	191	__chk_user_ptr(ptr); \
	192	switch (sizeof(*(ptr))) { \
	193	case 1: { \
	194	unsigned char __x; \
	195	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	196	ptr, &__x); \
	197	(x) = (__force __typeof__((ptr)) *) &__x; \
	198	break; \
	199	}; \
	200	case 2: { \
	201	unsigned short __x; \
	202	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	203	ptr, &__x); \
	204	(x) = (__force __typeof__((ptr)) *) &__x; \
	205	break; \
	206	}; \
	207	case 4: { \
	208	unsigned int __x; \
	209	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	210	ptr, &__x); \
	211	(x) = (__force __typeof__((ptr)) *) &__x; \
	212	break; \
	213	}; \
	214	case 8: { \
	215	unsigned long long __x; \
	216	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	217	ptr, &__x); \
	218	(x) = (__force __typeof__((ptr)) *) &__x; \
	219	break; \
	220	}; \
	221	default: \
	222	__get_user_bad(); \
	223	break; \
	224	} \
	225	__gu_err; \
	226	})
	227
	228	#define get_user(x, ptr) \
	229	({ \
a02613a4	230	const void *__p = (ptr); \
e0acd0bd	231	might_fault(); \
a02613a4 YS	232	access_ok(VERIFY_READ, __p, sizeof(*ptr)) ? \
a02613a4 YS	233	__get_user((x), (__typeof__((ptr)) )__p) : \
eed417dd AB	234	-EFAULT; \
	235	})
	236
05d88a49	237	#ifndef __get_user_fn
eed417dd AB	238	static inline int __get_user_fn(size_t size, const void __user ptr, void x)
	239	{
	240	size = __copy_from_user(x, ptr, size);
	241	return size ? -EFAULT : size;
	242	}
	243
05d88a49 VG	244	#define __get_user_fn(sz, u, k) __get_user_fn(sz, u, k)
	245
	246	#endif
	247
eed417dd AB	248	extern int __get_user_bad(void) __attribute__((noreturn));
	249
	250	#ifndef __copy_from_user_inatomic
	251	#define __copy_from_user_inatomic __copy_from_user
	252	#endif
	253
	254	#ifndef __copy_to_user_inatomic
	255	#define __copy_to_user_inatomic __copy_to_user
	256	#endif
	257
	258	static inline long copy_from_user(void *to,
	259	const void __user * from, unsigned long n)
	260	{
e0acd0bd	261	might_fault();
a9ede5b3	262	if (access_ok(VERIFY_READ, from, n))
eed417dd AB	263	return __copy_from_user(to, from, n);
	264	else
	265	return n;
	266	}
	267
	268	static inline long copy_to_user(void __user *to,
	269	const void *from, unsigned long n)
	270	{
e0acd0bd	271	might_fault();
a9ede5b3	272	if (access_ok(VERIFY_WRITE, to, n))
eed417dd AB	273	return __copy_to_user(to, from, n);
	274	else
	275	return n;
	276	}
	277
	278	/*
	279	* Copy a null terminated string from userspace.
	280	*/
	281	#ifndef __strncpy_from_user
	282	static inline long
	283	__strncpy_from_user(char dst, const char __user src, long count)
	284	{
	285	char *tmp;
	286	strncpy(dst, (const char __force *)src, count);
	287	for (tmp = dst; *tmp && count > 0; tmp++, count--)
	288	;
	289	return (tmp - dst);
	290	}
	291	#endif
	292
	293	static inline long
	294	strncpy_from_user(char dst, const char __user src, long count)
	295	{
a9ede5b3	296	if (!access_ok(VERIFY_READ, src, 1))
eed417dd AB	297	return -EFAULT;
	298	return __strncpy_from_user(dst, src, count);
	299	}
	300
	301	/*
	302	* Return the size of a string (including the ending 0)
	303	*
	304	* Return 0 on exception, a value greater than N if too long
	305	*/
7f509a9e	306	#ifndef __strnlen_user
830f5800	307	#define __strnlen_user(s, n) (strnlen((s), (n)) + 1)
7f509a9e G	308	#endif
7f509a9e G	309
830f5800 MS	310	/*
	311	* Unlike strnlen, strnlen_user includes the nul terminator in
	312	* its returned count. Callers should check for a returned value
	313	* greater than N as an indication the string is too long.
	314	*/
eed417dd AB	315	static inline long strnlen_user(const char __user *src, long n)
eed417dd AB	316	{
9844813f MF	317	if (!access_ok(VERIFY_READ, src, 1))
9844813f MF	318	return 0;
7f509a9e	319	return __strnlen_user(src, n);
eed417dd	320	}
eed417dd AB	321
	322	static inline long strlen_user(const char __user *src)
	323	{
	324	return strnlen_user(src, 32767);
	325	}
	326
	327	/*
	328	* Zero Userspace
	329	*/
	330	#ifndef __clear_user
	331	static inline __must_check unsigned long
	332	__clear_user(void __user *to, unsigned long n)
	333	{
	334	memset((void __force *)to, 0, n);
	335	return 0;
	336	}
	337	#endif
	338
	339	static inline __must_check unsigned long
	340	clear_user(void __user *to, unsigned long n)
	341	{
e0acd0bd	342	might_fault();
a9ede5b3	343	if (!access_ok(VERIFY_WRITE, to, n))
eed417dd AB	344	return n;
	345
	346	return __clear_user(to, n);
	347	}
	348
	349	#endif /* __ASM_GENERIC_UACCESS_H */