Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * include/asm-s390/uaccess.h | |
3 | * | |
4 | * S390 version | |
5 | * Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation | |
6 | * Author(s): Hartmut Penner (hp@de.ibm.com), | |
7 | * Martin Schwidefsky (schwidefsky@de.ibm.com) | |
8 | * | |
9 | * Derived from "include/asm-i386/uaccess.h" | |
10 | */ | |
11 | #ifndef __S390_UACCESS_H | |
12 | #define __S390_UACCESS_H | |
13 | ||
14 | /* | |
15 | * User space memory access functions | |
16 | */ | |
17 | #include <linux/sched.h> | |
18 | #include <linux/errno.h> | |
19 | ||
20 | #define VERIFY_READ 0 | |
21 | #define VERIFY_WRITE 1 | |
22 | ||
23 | ||
24 | /* | |
25 | * The fs value determines whether argument validity checking should be | |
26 | * performed or not. If get_fs() == USER_DS, checking is performed, with | |
27 | * get_fs() == KERNEL_DS, checking is bypassed. | |
28 | * | |
29 | * For historical reasons, these macros are grossly misnamed. | |
30 | */ | |
31 | ||
32 | #define MAKE_MM_SEG(a) ((mm_segment_t) { (a) }) | |
33 | ||
34 | ||
35 | #define KERNEL_DS MAKE_MM_SEG(0) | |
36 | #define USER_DS MAKE_MM_SEG(1) | |
37 | ||
38 | #define get_ds() (KERNEL_DS) | |
39 | #define get_fs() (current->thread.mm_segment) | |
40 | ||
1da177e4 LT |
41 | #define set_fs(x) \ |
42 | ({ \ | |
43 | unsigned long __pto; \ | |
44 | current->thread.mm_segment = (x); \ | |
45 | __pto = current->thread.mm_segment.ar4 ? \ | |
46 | S390_lowcore.user_asce : S390_lowcore.kernel_asce; \ | |
94c12cc7 | 47 | __ctl_load(__pto, 7, 7); \ |
1da177e4 | 48 | }) |
1da177e4 LT |
49 | |
50 | #define segment_eq(a,b) ((a).ar4 == (b).ar4) | |
51 | ||
52 | ||
793af244 | 53 | static inline int __access_ok(const void __user *addr, unsigned long size) |
a63a4931 MS |
54 | { |
55 | return 1; | |
56 | } | |
1da177e4 LT |
57 | #define access_ok(type,addr,size) __access_ok(addr,size) |
58 | ||
1da177e4 LT |
59 | /* |
60 | * The exception table consists of pairs of addresses: the first is the | |
61 | * address of an instruction that is allowed to fault, and the second is | |
62 | * the address at which the program should continue. No registers are | |
63 | * modified, so it is entirely up to the continuation code to figure out | |
64 | * what to do. | |
65 | * | |
66 | * All the routines below use bits of fixup code that are out of line | |
67 | * with the main instruction path. This means when everything is well, | |
68 | * we don't even have to jump over them. Further, they do not intrude | |
69 | * on our cache or tlb entries. | |
70 | */ | |
71 | ||
72 | struct exception_table_entry | |
73 | { | |
74 | unsigned long insn, fixup; | |
75 | }; | |
76 | ||
d02765d1 GS |
77 | struct uaccess_ops { |
78 | size_t (*copy_from_user)(size_t, const void __user *, void *); | |
79 | size_t (*copy_from_user_small)(size_t, const void __user *, void *); | |
80 | size_t (*copy_to_user)(size_t, void __user *, const void *); | |
81 | size_t (*copy_to_user_small)(size_t, void __user *, const void *); | |
82 | size_t (*copy_in_user)(size_t, void __user *, const void __user *); | |
83 | size_t (*clear_user)(size_t, void __user *); | |
84 | size_t (*strnlen_user)(size_t, const char __user *); | |
85 | size_t (*strncpy_from_user)(size_t, const char __user *, char *); | |
86 | int (*futex_atomic_op)(int op, int __user *, int oparg, int *old); | |
87 | int (*futex_atomic_cmpxchg)(int __user *, int old, int new); | |
88 | }; | |
89 | ||
90 | extern struct uaccess_ops uaccess; | |
91 | extern struct uaccess_ops uaccess_std; | |
6c2a9e6d | 92 | extern struct uaccess_ops uaccess_mvcos; |
c1821c2e GS |
93 | extern struct uaccess_ops uaccess_mvcos_switch; |
94 | extern struct uaccess_ops uaccess_pt; | |
d02765d1 GS |
95 | |
96 | static inline int __put_user_fn(size_t size, void __user *ptr, void *x) | |
97 | { | |
98 | size = uaccess.copy_to_user_small(size, ptr, x); | |
99 | return size ? -EFAULT : size; | |
100 | } | |
101 | ||
102 | static inline int __get_user_fn(size_t size, const void __user *ptr, void *x) | |
103 | { | |
104 | size = uaccess.copy_from_user_small(size, ptr, x); | |
105 | return size ? -EFAULT : size; | |
106 | } | |
1da177e4 LT |
107 | |
108 | /* | |
109 | * These are the main single-value transfer routines. They automatically | |
110 | * use the right size if we just have the right pointer type. | |
111 | */ | |
1da177e4 LT |
112 | #define __put_user(x, ptr) \ |
113 | ({ \ | |
114 | __typeof__(*(ptr)) __x = (x); \ | |
d02765d1 | 115 | int __pu_err = -EFAULT; \ |
17566c3c | 116 | __chk_user_ptr(ptr); \ |
1da177e4 LT |
117 | switch (sizeof (*(ptr))) { \ |
118 | case 1: \ | |
119 | case 2: \ | |
120 | case 4: \ | |
121 | case 8: \ | |
d02765d1 GS |
122 | __pu_err = __put_user_fn(sizeof (*(ptr)), \ |
123 | ptr, &__x); \ | |
1da177e4 LT |
124 | break; \ |
125 | default: \ | |
126 | __put_user_bad(); \ | |
127 | break; \ | |
128 | } \ | |
129 | __pu_err; \ | |
130 | }) | |
1da177e4 LT |
131 | |
132 | #define put_user(x, ptr) \ | |
133 | ({ \ | |
dab4079d | 134 | might_fault(); \ |
1da177e4 LT |
135 | __put_user(x, ptr); \ |
136 | }) | |
137 | ||
138 | ||
139 | extern int __put_user_bad(void) __attribute__((noreturn)); | |
140 | ||
1da177e4 LT |
141 | #define __get_user(x, ptr) \ |
142 | ({ \ | |
d02765d1 GS |
143 | int __gu_err = -EFAULT; \ |
144 | __chk_user_ptr(ptr); \ | |
1da177e4 | 145 | switch (sizeof(*(ptr))) { \ |
1047aa77 MS |
146 | case 1: { \ |
147 | unsigned char __x; \ | |
d02765d1 GS |
148 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
149 | ptr, &__x); \ | |
97fa5a66 | 150 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
151 | break; \ |
152 | }; \ | |
153 | case 2: { \ | |
154 | unsigned short __x; \ | |
d02765d1 GS |
155 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
156 | ptr, &__x); \ | |
97fa5a66 | 157 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
158 | break; \ |
159 | }; \ | |
160 | case 4: { \ | |
161 | unsigned int __x; \ | |
d02765d1 GS |
162 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
163 | ptr, &__x); \ | |
97fa5a66 | 164 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
165 | break; \ |
166 | }; \ | |
167 | case 8: { \ | |
168 | unsigned long long __x; \ | |
d02765d1 GS |
169 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
170 | ptr, &__x); \ | |
97fa5a66 | 171 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1da177e4 | 172 | break; \ |
1047aa77 | 173 | }; \ |
1da177e4 LT |
174 | default: \ |
175 | __get_user_bad(); \ | |
176 | break; \ | |
177 | } \ | |
1da177e4 LT |
178 | __gu_err; \ |
179 | }) | |
1da177e4 LT |
180 | |
181 | #define get_user(x, ptr) \ | |
182 | ({ \ | |
dab4079d | 183 | might_fault(); \ |
1da177e4 LT |
184 | __get_user(x, ptr); \ |
185 | }) | |
186 | ||
187 | extern int __get_user_bad(void) __attribute__((noreturn)); | |
188 | ||
189 | #define __put_user_unaligned __put_user | |
190 | #define __get_user_unaligned __get_user | |
191 | ||
1da177e4 LT |
192 | /** |
193 | * __copy_to_user: - Copy a block of data into user space, with less checking. | |
194 | * @to: Destination address, in user space. | |
195 | * @from: Source address, in kernel space. | |
196 | * @n: Number of bytes to copy. | |
197 | * | |
198 | * Context: User context only. This function may sleep. | |
199 | * | |
200 | * Copy data from kernel space to user space. Caller must check | |
201 | * the specified block with access_ok() before calling this function. | |
202 | * | |
203 | * Returns number of bytes that could not be copied. | |
204 | * On success, this will be zero. | |
205 | */ | |
f7675ad7 | 206 | static inline unsigned long __must_check |
1da177e4 LT |
207 | __copy_to_user(void __user *to, const void *from, unsigned long n) |
208 | { | |
d02765d1 GS |
209 | if (__builtin_constant_p(n) && (n <= 256)) |
210 | return uaccess.copy_to_user_small(n, to, from); | |
211 | else | |
212 | return uaccess.copy_to_user(n, to, from); | |
1da177e4 LT |
213 | } |
214 | ||
215 | #define __copy_to_user_inatomic __copy_to_user | |
216 | #define __copy_from_user_inatomic __copy_from_user | |
217 | ||
218 | /** | |
219 | * copy_to_user: - Copy a block of data into user space. | |
220 | * @to: Destination address, in user space. | |
221 | * @from: Source address, in kernel space. | |
222 | * @n: Number of bytes to copy. | |
223 | * | |
224 | * Context: User context only. This function may sleep. | |
225 | * | |
226 | * Copy data from kernel space to user space. | |
227 | * | |
228 | * Returns number of bytes that could not be copied. | |
229 | * On success, this will be zero. | |
230 | */ | |
f7675ad7 | 231 | static inline unsigned long __must_check |
1da177e4 LT |
232 | copy_to_user(void __user *to, const void *from, unsigned long n) |
233 | { | |
dab4079d | 234 | might_fault(); |
1da177e4 LT |
235 | if (access_ok(VERIFY_WRITE, to, n)) |
236 | n = __copy_to_user(to, from, n); | |
237 | return n; | |
238 | } | |
239 | ||
1da177e4 LT |
240 | /** |
241 | * __copy_from_user: - Copy a block of data from user space, with less checking. | |
242 | * @to: Destination address, in kernel space. | |
243 | * @from: Source address, in user space. | |
244 | * @n: Number of bytes to copy. | |
245 | * | |
246 | * Context: User context only. This function may sleep. | |
247 | * | |
248 | * Copy data from user space to kernel space. Caller must check | |
249 | * the specified block with access_ok() before calling this function. | |
250 | * | |
251 | * Returns number of bytes that could not be copied. | |
252 | * On success, this will be zero. | |
253 | * | |
254 | * If some data could not be copied, this function will pad the copied | |
255 | * data to the requested size using zero bytes. | |
256 | */ | |
f7675ad7 | 257 | static inline unsigned long __must_check |
1da177e4 LT |
258 | __copy_from_user(void *to, const void __user *from, unsigned long n) |
259 | { | |
d02765d1 GS |
260 | if (__builtin_constant_p(n) && (n <= 256)) |
261 | return uaccess.copy_from_user_small(n, from, to); | |
262 | else | |
263 | return uaccess.copy_from_user(n, from, to); | |
1da177e4 LT |
264 | } |
265 | ||
266 | /** | |
267 | * copy_from_user: - Copy a block of data from user space. | |
268 | * @to: Destination address, in kernel space. | |
269 | * @from: Source address, in user space. | |
270 | * @n: Number of bytes to copy. | |
271 | * | |
272 | * Context: User context only. This function may sleep. | |
273 | * | |
274 | * Copy data from user space to kernel space. | |
275 | * | |
276 | * Returns number of bytes that could not be copied. | |
277 | * On success, this will be zero. | |
278 | * | |
279 | * If some data could not be copied, this function will pad the copied | |
280 | * data to the requested size using zero bytes. | |
281 | */ | |
f7675ad7 | 282 | static inline unsigned long __must_check |
1da177e4 LT |
283 | copy_from_user(void *to, const void __user *from, unsigned long n) |
284 | { | |
dab4079d | 285 | might_fault(); |
1da177e4 LT |
286 | if (access_ok(VERIFY_READ, from, n)) |
287 | n = __copy_from_user(to, from, n); | |
288 | else | |
289 | memset(to, 0, n); | |
290 | return n; | |
291 | } | |
292 | ||
f7675ad7 | 293 | static inline unsigned long __must_check |
1da177e4 LT |
294 | __copy_in_user(void __user *to, const void __user *from, unsigned long n) |
295 | { | |
d02765d1 | 296 | return uaccess.copy_in_user(n, to, from); |
1da177e4 LT |
297 | } |
298 | ||
f7675ad7 | 299 | static inline unsigned long __must_check |
1da177e4 LT |
300 | copy_in_user(void __user *to, const void __user *from, unsigned long n) |
301 | { | |
dab4079d | 302 | might_fault(); |
1da177e4 | 303 | if (__access_ok(from,n) && __access_ok(to,n)) |
d02765d1 | 304 | n = __copy_in_user(to, from, n); |
1da177e4 LT |
305 | return n; |
306 | } | |
307 | ||
308 | /* | |
309 | * Copy a null terminated string from userspace. | |
310 | */ | |
f7675ad7 | 311 | static inline long __must_check |
1da177e4 LT |
312 | strncpy_from_user(char *dst, const char __user *src, long count) |
313 | { | |
314 | long res = -EFAULT; | |
dab4079d | 315 | might_fault(); |
1da177e4 | 316 | if (access_ok(VERIFY_READ, src, 1)) |
d02765d1 | 317 | res = uaccess.strncpy_from_user(count, src, dst); |
1da177e4 LT |
318 | return res; |
319 | } | |
320 | ||
1da177e4 LT |
321 | static inline unsigned long |
322 | strnlen_user(const char __user * src, unsigned long n) | |
323 | { | |
dab4079d | 324 | might_fault(); |
d02765d1 | 325 | return uaccess.strnlen_user(n, src); |
1da177e4 LT |
326 | } |
327 | ||
328 | /** | |
329 | * strlen_user: - Get the size of a string in user space. | |
330 | * @str: The string to measure. | |
331 | * | |
332 | * Context: User context only. This function may sleep. | |
333 | * | |
334 | * Get the size of a NUL-terminated string in user space. | |
335 | * | |
336 | * Returns the size of the string INCLUDING the terminating NUL. | |
337 | * On exception, returns 0. | |
338 | * | |
339 | * If there is a limit on the length of a valid string, you may wish to | |
340 | * consider using strnlen_user() instead. | |
341 | */ | |
342 | #define strlen_user(str) strnlen_user(str, ~0UL) | |
343 | ||
344 | /* | |
345 | * Zero Userspace | |
346 | */ | |
347 | ||
f7675ad7 | 348 | static inline unsigned long __must_check |
1da177e4 LT |
349 | __clear_user(void __user *to, unsigned long n) |
350 | { | |
d02765d1 | 351 | return uaccess.clear_user(n, to); |
1da177e4 LT |
352 | } |
353 | ||
f7675ad7 | 354 | static inline unsigned long __must_check |
1da177e4 LT |
355 | clear_user(void __user *to, unsigned long n) |
356 | { | |
dab4079d | 357 | might_fault(); |
1da177e4 | 358 | if (access_ok(VERIFY_WRITE, to, n)) |
d02765d1 | 359 | n = uaccess.clear_user(n, to); |
1da177e4 LT |
360 | return n; |
361 | } | |
362 | ||
363 | #endif /* __S390_UACCESS_H */ |