Commit | Line | Data |
---|---|---|
eed417dd AB |
1 | #ifndef __ASM_GENERIC_UACCESS_H |
2 | #define __ASM_GENERIC_UACCESS_H | |
3 | ||
4 | /* | |
5 | * User space memory access functions, these should work | |
0a4a6647 | 6 | * on any machine that has kernel and user data in the same |
eed417dd AB |
7 | * address space, e.g. all NOMMU machines. |
8 | */ | |
9 | #include <linux/sched.h> | |
eed417dd AB |
10 | #include <linux/string.h> |
11 | ||
12 | #include <asm/segment.h> | |
13 | ||
14 | #define MAKE_MM_SEG(s) ((mm_segment_t) { (s) }) | |
15 | ||
16 | #ifndef KERNEL_DS | |
17 | #define KERNEL_DS MAKE_MM_SEG(~0UL) | |
18 | #endif | |
19 | ||
20 | #ifndef USER_DS | |
21 | #define USER_DS MAKE_MM_SEG(TASK_SIZE - 1) | |
22 | #endif | |
23 | ||
24 | #ifndef get_fs | |
25 | #define get_ds() (KERNEL_DS) | |
26 | #define get_fs() (current_thread_info()->addr_limit) | |
27 | ||
28 | static inline void set_fs(mm_segment_t fs) | |
29 | { | |
30 | current_thread_info()->addr_limit = fs; | |
31 | } | |
32 | #endif | |
33 | ||
10a6007b | 34 | #ifndef segment_eq |
eed417dd | 35 | #define segment_eq(a, b) ((a).seg == (b).seg) |
10a6007b | 36 | #endif |
eed417dd AB |
37 | |
38 | #define VERIFY_READ 0 | |
39 | #define VERIFY_WRITE 1 | |
40 | ||
41 | #define access_ok(type, addr, size) __access_ok((unsigned long)(addr),(size)) | |
42 | ||
43 | /* | |
44 | * The architecture should really override this if possible, at least | |
45 | * doing a check on the get_fs() | |
46 | */ | |
47 | #ifndef __access_ok | |
48 | static inline int __access_ok(unsigned long addr, unsigned long size) | |
49 | { | |
50 | return 1; | |
51 | } | |
52 | #endif | |
53 | ||
54 | /* | |
55 | * The exception table consists of pairs of addresses: the first is the | |
56 | * address of an instruction that is allowed to fault, and the second is | |
57 | * the address at which the program should continue. No registers are | |
58 | * modified, so it is entirely up to the continuation code to figure out | |
59 | * what to do. | |
60 | * | |
61 | * All the routines below use bits of fixup code that are out of line | |
62 | * with the main instruction path. This means when everything is well, | |
63 | * we don't even have to jump over them. Further, they do not intrude | |
64 | * on our cache or tlb entries. | |
65 | */ | |
66 | ||
67 | struct exception_table_entry | |
68 | { | |
69 | unsigned long insn, fixup; | |
70 | }; | |
71 | ||
72 | /* Returns 0 if exception not found and fixup otherwise. */ | |
73 | extern unsigned long search_exception_table(unsigned long); | |
74 | ||
0d025d27 | 75 | |
eed417dd AB |
76 | /* |
77 | * architectures with an MMU should override these two | |
78 | */ | |
79 | #ifndef __copy_from_user | |
80 | static inline __must_check long __copy_from_user(void *to, | |
81 | const void __user * from, unsigned long n) | |
82 | { | |
83 | if (__builtin_constant_p(n)) { | |
84 | switch(n) { | |
85 | case 1: | |
86 | *(u8 *)to = *(u8 __force *)from; | |
87 | return 0; | |
88 | case 2: | |
89 | *(u16 *)to = *(u16 __force *)from; | |
90 | return 0; | |
91 | case 4: | |
92 | *(u32 *)to = *(u32 __force *)from; | |
93 | return 0; | |
94 | #ifdef CONFIG_64BIT | |
95 | case 8: | |
96 | *(u64 *)to = *(u64 __force *)from; | |
97 | return 0; | |
98 | #endif | |
99 | default: | |
100 | break; | |
101 | } | |
102 | } | |
103 | ||
104 | memcpy(to, (const void __force *)from, n); | |
105 | return 0; | |
106 | } | |
107 | #endif | |
108 | ||
109 | #ifndef __copy_to_user | |
110 | static inline __must_check long __copy_to_user(void __user *to, | |
111 | const void *from, unsigned long n) | |
112 | { | |
113 | if (__builtin_constant_p(n)) { | |
114 | switch(n) { | |
115 | case 1: | |
116 | *(u8 __force *)to = *(u8 *)from; | |
117 | return 0; | |
118 | case 2: | |
119 | *(u16 __force *)to = *(u16 *)from; | |
120 | return 0; | |
121 | case 4: | |
122 | *(u32 __force *)to = *(u32 *)from; | |
123 | return 0; | |
124 | #ifdef CONFIG_64BIT | |
125 | case 8: | |
126 | *(u64 __force *)to = *(u64 *)from; | |
127 | return 0; | |
128 | #endif | |
129 | default: | |
130 | break; | |
131 | } | |
132 | } | |
133 | ||
134 | memcpy((void __force *)to, from, n); | |
135 | return 0; | |
136 | } | |
137 | #endif | |
138 | ||
139 | /* | |
140 | * These are the main single-value transfer routines. They automatically | |
141 | * use the right size if we just have the right pointer type. | |
142 | * This version just falls back to copy_{from,to}_user, which should | |
143 | * provide a fast-path for small values. | |
144 | */ | |
145 | #define __put_user(x, ptr) \ | |
146 | ({ \ | |
147 | __typeof__(*(ptr)) __x = (x); \ | |
148 | int __pu_err = -EFAULT; \ | |
149 | __chk_user_ptr(ptr); \ | |
150 | switch (sizeof (*(ptr))) { \ | |
151 | case 1: \ | |
152 | case 2: \ | |
153 | case 4: \ | |
154 | case 8: \ | |
155 | __pu_err = __put_user_fn(sizeof (*(ptr)), \ | |
156 | ptr, &__x); \ | |
157 | break; \ | |
158 | default: \ | |
159 | __put_user_bad(); \ | |
160 | break; \ | |
161 | } \ | |
162 | __pu_err; \ | |
163 | }) | |
164 | ||
165 | #define put_user(x, ptr) \ | |
166 | ({ \ | |
a02613a4 | 167 | void *__p = (ptr); \ |
e0acd0bd | 168 | might_fault(); \ |
a02613a4 YS |
169 | access_ok(VERIFY_WRITE, __p, sizeof(*ptr)) ? \ |
170 | __put_user((x), ((__typeof__(*(ptr)) *)__p)) : \ | |
eed417dd AB |
171 | -EFAULT; \ |
172 | }) | |
173 | ||
05d88a49 VG |
174 | #ifndef __put_user_fn |
175 | ||
eed417dd AB |
176 | static inline int __put_user_fn(size_t size, void __user *ptr, void *x) |
177 | { | |
178 | size = __copy_to_user(ptr, x, size); | |
179 | return size ? -EFAULT : size; | |
180 | } | |
181 | ||
05d88a49 VG |
182 | #define __put_user_fn(sz, u, k) __put_user_fn(sz, u, k) |
183 | ||
184 | #endif | |
185 | ||
eed417dd AB |
186 | extern int __put_user_bad(void) __attribute__((noreturn)); |
187 | ||
188 | #define __get_user(x, ptr) \ | |
189 | ({ \ | |
190 | int __gu_err = -EFAULT; \ | |
191 | __chk_user_ptr(ptr); \ | |
192 | switch (sizeof(*(ptr))) { \ | |
193 | case 1: { \ | |
194 | unsigned char __x; \ | |
195 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ | |
196 | ptr, &__x); \ | |
197 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ | |
198 | break; \ | |
199 | }; \ | |
200 | case 2: { \ | |
201 | unsigned short __x; \ | |
202 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ | |
203 | ptr, &__x); \ | |
204 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ | |
205 | break; \ | |
206 | }; \ | |
207 | case 4: { \ | |
208 | unsigned int __x; \ | |
209 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ | |
210 | ptr, &__x); \ | |
211 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ | |
212 | break; \ | |
213 | }; \ | |
214 | case 8: { \ | |
215 | unsigned long long __x; \ | |
216 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ | |
217 | ptr, &__x); \ | |
218 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ | |
219 | break; \ | |
220 | }; \ | |
221 | default: \ | |
222 | __get_user_bad(); \ | |
223 | break; \ | |
224 | } \ | |
225 | __gu_err; \ | |
226 | }) | |
227 | ||
228 | #define get_user(x, ptr) \ | |
229 | ({ \ | |
a02613a4 | 230 | const void *__p = (ptr); \ |
e0acd0bd | 231 | might_fault(); \ |
a02613a4 YS |
232 | access_ok(VERIFY_READ, __p, sizeof(*ptr)) ? \ |
233 | __get_user((x), (__typeof__(*(ptr)) *)__p) : \ | |
eed417dd AB |
234 | -EFAULT; \ |
235 | }) | |
236 | ||
05d88a49 | 237 | #ifndef __get_user_fn |
eed417dd AB |
238 | static inline int __get_user_fn(size_t size, const void __user *ptr, void *x) |
239 | { | |
240 | size = __copy_from_user(x, ptr, size); | |
241 | return size ? -EFAULT : size; | |
242 | } | |
243 | ||
05d88a49 VG |
244 | #define __get_user_fn(sz, u, k) __get_user_fn(sz, u, k) |
245 | ||
246 | #endif | |
247 | ||
eed417dd AB |
248 | extern int __get_user_bad(void) __attribute__((noreturn)); |
249 | ||
250 | #ifndef __copy_from_user_inatomic | |
251 | #define __copy_from_user_inatomic __copy_from_user | |
252 | #endif | |
253 | ||
254 | #ifndef __copy_to_user_inatomic | |
255 | #define __copy_to_user_inatomic __copy_to_user | |
256 | #endif | |
257 | ||
258 | static inline long copy_from_user(void *to, | |
259 | const void __user * from, unsigned long n) | |
260 | { | |
e0acd0bd | 261 | might_fault(); |
a9ede5b3 | 262 | if (access_ok(VERIFY_READ, from, n)) |
eed417dd AB |
263 | return __copy_from_user(to, from, n); |
264 | else | |
265 | return n; | |
266 | } | |
267 | ||
268 | static inline long copy_to_user(void __user *to, | |
269 | const void *from, unsigned long n) | |
270 | { | |
e0acd0bd | 271 | might_fault(); |
a9ede5b3 | 272 | if (access_ok(VERIFY_WRITE, to, n)) |
eed417dd AB |
273 | return __copy_to_user(to, from, n); |
274 | else | |
275 | return n; | |
276 | } | |
277 | ||
278 | /* | |
279 | * Copy a null terminated string from userspace. | |
280 | */ | |
281 | #ifndef __strncpy_from_user | |
282 | static inline long | |
283 | __strncpy_from_user(char *dst, const char __user *src, long count) | |
284 | { | |
285 | char *tmp; | |
286 | strncpy(dst, (const char __force *)src, count); | |
287 | for (tmp = dst; *tmp && count > 0; tmp++, count--) | |
288 | ; | |
289 | return (tmp - dst); | |
290 | } | |
291 | #endif | |
292 | ||
293 | static inline long | |
294 | strncpy_from_user(char *dst, const char __user *src, long count) | |
295 | { | |
a9ede5b3 | 296 | if (!access_ok(VERIFY_READ, src, 1)) |
eed417dd AB |
297 | return -EFAULT; |
298 | return __strncpy_from_user(dst, src, count); | |
299 | } | |
300 | ||
301 | /* | |
302 | * Return the size of a string (including the ending 0) | |
303 | * | |
304 | * Return 0 on exception, a value greater than N if too long | |
305 | */ | |
7f509a9e | 306 | #ifndef __strnlen_user |
830f5800 | 307 | #define __strnlen_user(s, n) (strnlen((s), (n)) + 1) |
7f509a9e G |
308 | #endif |
309 | ||
830f5800 MS |
310 | /* |
311 | * Unlike strnlen, strnlen_user includes the nul terminator in | |
312 | * its returned count. Callers should check for a returned value | |
313 | * greater than N as an indication the string is too long. | |
314 | */ | |
eed417dd AB |
315 | static inline long strnlen_user(const char __user *src, long n) |
316 | { | |
9844813f MF |
317 | if (!access_ok(VERIFY_READ, src, 1)) |
318 | return 0; | |
7f509a9e | 319 | return __strnlen_user(src, n); |
eed417dd | 320 | } |
eed417dd AB |
321 | |
322 | static inline long strlen_user(const char __user *src) | |
323 | { | |
324 | return strnlen_user(src, 32767); | |
325 | } | |
326 | ||
327 | /* | |
328 | * Zero Userspace | |
329 | */ | |
330 | #ifndef __clear_user | |
331 | static inline __must_check unsigned long | |
332 | __clear_user(void __user *to, unsigned long n) | |
333 | { | |
334 | memset((void __force *)to, 0, n); | |
335 | return 0; | |
336 | } | |
337 | #endif | |
338 | ||
339 | static inline __must_check unsigned long | |
340 | clear_user(void __user *to, unsigned long n) | |
341 | { | |
e0acd0bd | 342 | might_fault(); |
a9ede5b3 | 343 | if (!access_ok(VERIFY_WRITE, to, n)) |
eed417dd AB |
344 | return n; |
345 | ||
346 | return __clear_user(to, n); | |
347 | } | |
348 | ||
349 | #endif /* __ASM_GENERIC_UACCESS_H */ |