1 #ifndef __SCORE_UACCESS_H
2 #define __SCORE_UACCESS_H
3
4 #include <linux/kernel.h>
5 #include <linux/errno.h>
6 #include <linux/thread_info.h>
7 #include <asm/extable.h>
8
9 #define VERIFY_READ 0
10 #define VERIFY_WRITE 1
11
12 #define get_ds() (KERNEL_DS)
13 #define get_fs() (current_thread_info()->addr_limit)
14 #define segment_eq(a, b) ((a).seg == (b).seg)
15
16 /*
17 * Is a address valid? This does a straighforward calculation rather
18 * than tests.
19 *
20 * Address valid if:
21 * - "addr" doesn't have any high-bits set
22 * - AND "size" doesn't have any high-bits set
23 * - AND "addr+size" doesn't have any high-bits set
24 * - OR we are in kernel mode.
25 *
26 * __ua_size() is a trick to avoid runtime checking of positive constant
27 * sizes; for those we already know at compile time that the size is ok.
28 */
29 #define __ua_size(size) \
30 ((__builtin_constant_p(size) && (signed long) (size) > 0) ? 0 : (size))
31
32 /*
33 * access_ok: - Checks if a user space pointer is valid
34 * @type: Type of access: %VERIFY_READ or %VERIFY_WRITE. Note that
35 * %VERIFY_WRITE is a superset of %VERIFY_READ - if it is safe
36 * to write to a block, it is always safe to read from it.
37 * @addr: User space pointer to start of block to check
38 * @size: Size of block to check
39 *
40 * Context: User context only. This function may sleep if pagefaults are
41 * enabled.
42 *
43 * Checks if a pointer to a block of memory in user space is valid.
44 *
45 * Returns true (nonzero) if the memory block may be valid, false (zero)
46 * if it is definitely invalid.
47 *
48 * Note that, depending on architecture, this function probably just
49 * checks that the pointer is in the user space range - after calling
50 * this function, memory access functions may still return -EFAULT.
51 */
52
53 #define __access_ok(addr, size) \
54 (((long)((get_fs().seg) & \
55 ((addr) | ((addr) + (size)) | \
56 __ua_size(size)))) == 0)
57
58 #define access_ok(type, addr, size) \
59 likely(__access_ok((unsigned long)(addr), (size)))
60
61 /*
62 * put_user: - Write a simple value into user space.
63 * @x: Value to copy to user space.
64 * @ptr: Destination address, in user space.
65 *
66 * Context: User context only. This function may sleep if pagefaults are
67 * enabled.
68 *
69 * This macro copies a single simple value from kernel space to user
70 * space. It supports simple types like char and int, but not larger
71 * data types like structures or arrays.
72 *
73 * @ptr must have pointer-to-simple-variable type, and @x must be assignable
74 * to the result of dereferencing @ptr.
75 *
76 * Returns zero on success, or -EFAULT on error.
77 */
78 #define put_user(x, ptr) __put_user_check((x), (ptr), sizeof(*(ptr)))
79
80 /*
81 * get_user: - Get a simple variable from user space.
82 * @x: Variable to store result.
83 * @ptr: Source address, in user space.
84 *
85 * Context: User context only. This function may sleep if pagefaults are
86 * enabled.
87 *
88 * This macro copies a single simple variable from user space to kernel
89 * space. It supports simple types like char and int, but not larger
90 * data types like structures or arrays.
91 *
92 * @ptr must have pointer-to-simple-variable type, and the result of
93 * dereferencing @ptr must be assignable to @x without a cast.
94 *
95 * Returns zero on success, or -EFAULT on error.
96 * On error, the variable @x is set to zero.
97 */
98 #define get_user(x, ptr) __get_user_check((x), (ptr), sizeof(*(ptr)))
99
100 /*
101 * __put_user: - Write a simple value into user space, with less checking.
102 * @x: Value to copy to user space.
103 * @ptr: Destination address, in user space.
104 *
105 * Context: User context only. This function may sleep if pagefaults are
106 * enabled.
107 *
108 * This macro copies a single simple value from kernel space to user
109 * space. It supports simple types like char and int, but not larger
110 * data types like structures or arrays.
111 *
112 * @ptr must have pointer-to-simple-variable type, and @x must be assignable
113 * to the result of dereferencing @ptr.
114 *
115 * Caller must check the pointer with access_ok() before calling this
116 * function.
117 *
118 * Returns zero on success, or -EFAULT on error.
119 */
120 #define __put_user(x, ptr) __put_user_nocheck((x), (ptr), sizeof(*(ptr)))
121
122 /*
123 * __get_user: - Get a simple variable from user space, with less checking.
124 * @x: Variable to store result.
125 * @ptr: Source address, in user space.
126 *
127 * Context: User context only. This function may sleep if pagefaults are
128 * enabled.
129 *
130 * This macro copies a single simple variable from user space to kernel
131 * space. It supports simple types like char and int, but not larger
132 * data types like structures or arrays.
133 *
134 * @ptr must have pointer-to-simple-variable type, and the result of
135 * dereferencing @ptr must be assignable to @x without a cast.
136 *
137 * Caller must check the pointer with access_ok() before calling this
138 * function.
139 *
140 * Returns zero on success, or -EFAULT on error.
141 * On error, the variable @x is set to zero.
142 */
143 #define __get_user(x, ptr) __get_user_nocheck((x), (ptr), sizeof(*(ptr)))
144
145 struct __large_struct { unsigned long buf[100]; };
146 #define __m(x) (*(struct __large_struct __user *)(x))
147
148 /*
149 * Yuck. We need two variants, one for 64bit operation and one
150 * for 32 bit mode and old iron.
151 */
152 extern void __get_user_unknown(void);
153
154 #define __get_user_common(val, size, ptr) \
155 do { \
156 switch (size) { \
157 case 1: \
158 __get_user_asm(val, "lb", ptr); \
159 break; \
160 case 2: \
161 __get_user_asm(val, "lh", ptr); \
162 break; \
163 case 4: \
164 __get_user_asm(val, "lw", ptr); \
165 break; \
166 case 8: \
167 if (__copy_from_user((void *)&val, ptr, 8) == 0) \
168 __gu_err = 0; \
169 else \
170 __gu_err = -EFAULT; \
171 break; \
172 default: \
173 __get_user_unknown(); \
174 break; \
175 } \
176 } while (0)
177
178 #define __get_user_nocheck(x, ptr, size) \
179 ({ \
180 long __gu_err = 0; \
181 __get_user_common((x), size, ptr); \
182 __gu_err; \
183 })
184
185 #define __get_user_check(x, ptr, size) \
186 ({ \
187 long __gu_err = -EFAULT; \
188 const __typeof__(*(ptr)) __user *__gu_ptr = (ptr); \
189 \
190 if (likely(access_ok(VERIFY_READ, __gu_ptr, size))) \
191 __get_user_common((x), size, __gu_ptr); \
192 else \
193 (x) = 0; \
194 \
195 __gu_err; \
196 })
197
198 #define __get_user_asm(val, insn, addr) \
199 { \
200 long __gu_tmp; \
201 \
202 __asm__ __volatile__( \
203 "1:" insn " %1, %3\n" \
204 "2:\n" \
205 ".section .fixup,\"ax\"\n" \
206 "3:li %0, %4\n" \
207 "li %1, 0\n" \
208 "j 2b\n" \
209 ".previous\n" \
210 ".section __ex_table,\"a\"\n" \
211 ".word 1b, 3b\n" \
212 ".previous\n" \
213 : "=r" (__gu_err), "=r" (__gu_tmp) \
214 : "0" (0), "o" (__m(addr)), "i" (-EFAULT)); \
215 \
216 (val) = (__typeof__(*(addr))) __gu_tmp; \
217 }
218
219 /*
220 * Yuck. We need two variants, one for 64bit operation and one
221 * for 32 bit mode and old iron.
222 */
223 #define __put_user_nocheck(val, ptr, size) \
224 ({ \
225 __typeof__(*(ptr)) __pu_val; \
226 long __pu_err = 0; \
227 \
228 __pu_val = (val); \
229 switch (size) { \
230 case 1: \
231 __put_user_asm("sb", ptr); \
232 break; \
233 case 2: \
234 __put_user_asm("sh", ptr); \
235 break; \
236 case 4: \
237 __put_user_asm("sw", ptr); \
238 break; \
239 case 8: \
240 if ((__copy_to_user((void *)ptr, &__pu_val, 8)) == 0) \
241 __pu_err = 0; \
242 else \
243 __pu_err = -EFAULT; \
244 break; \
245 default: \
246 __put_user_unknown(); \
247 break; \
248 } \
249 __pu_err; \
250 })
251
252
253 #define __put_user_check(val, ptr, size) \
254 ({ \
255 __typeof__(*(ptr)) __user *__pu_addr = (ptr); \
256 __typeof__(*(ptr)) __pu_val = (val); \
257 long __pu_err = -EFAULT; \
258 \
259 if (likely(access_ok(VERIFY_WRITE, __pu_addr, size))) { \
260 switch (size) { \
261 case 1: \
262 __put_user_asm("sb", __pu_addr); \
263 break; \
264 case 2: \
265 __put_user_asm("sh", __pu_addr); \
266 break; \
267 case 4: \
268 __put_user_asm("sw", __pu_addr); \
269 break; \
270 case 8: \
271 if ((__copy_to_user((void *)__pu_addr, &__pu_val, 8)) == 0)\
272 __pu_err = 0; \
273 else \
274 __pu_err = -EFAULT; \
275 break; \
276 default: \
277 __put_user_unknown(); \
278 break; \
279 } \
280 } \
281 __pu_err; \
282 })
283
284 #define __put_user_asm(insn, ptr) \
285 __asm__ __volatile__( \
286 "1:" insn " %2, %3\n" \
287 "2:\n" \
288 ".section .fixup,\"ax\"\n" \
289 "3:li %0, %4\n" \
290 "j 2b\n" \
291 ".previous\n" \
292 ".section __ex_table,\"a\"\n" \
293 ".word 1b, 3b\n" \
294 ".previous\n" \
295 : "=r" (__pu_err) \
296 : "0" (0), "r" (__pu_val), "o" (__m(ptr)), \
297 "i" (-EFAULT));
298
299 extern void __put_user_unknown(void);
300 extern int __copy_tofrom_user(void *to, const void *from, unsigned long len);
301
302 static inline unsigned long
copy_from_user(void * to,const void * from,unsigned long len)303 copy_from_user(void *to, const void *from, unsigned long len)
304 {
305 unsigned long res = len;
306
307 if (likely(access_ok(VERIFY_READ, from, len)))
308 res = __copy_tofrom_user(to, from, len);
309
310 if (unlikely(res))
311 memset(to + (len - res), 0, res);
312
313 return res;
314 }
315
316 static inline unsigned long
copy_to_user(void * to,const void * from,unsigned long len)317 copy_to_user(void *to, const void *from, unsigned long len)
318 {
319 if (likely(access_ok(VERIFY_WRITE, to, len)))
320 len = __copy_tofrom_user(to, from, len);
321
322 return len;
323 }
324
325 static inline unsigned long
__copy_from_user(void * to,const void * from,unsigned long len)326 __copy_from_user(void *to, const void *from, unsigned long len)
327 {
328 unsigned long left = __copy_tofrom_user(to, from, len);
329 if (unlikely(left))
330 memset(to + (len - left), 0, left);
331 return left;
332 }
333
334 #define __copy_to_user(to, from, len) \
335 __copy_tofrom_user((to), (from), (len))
336
337 static inline unsigned long
__copy_to_user_inatomic(void * to,const void * from,unsigned long len)338 __copy_to_user_inatomic(void *to, const void *from, unsigned long len)
339 {
340 return __copy_to_user(to, from, len);
341 }
342
343 static inline unsigned long
__copy_from_user_inatomic(void * to,const void * from,unsigned long len)344 __copy_from_user_inatomic(void *to, const void *from, unsigned long len)
345 {
346 return __copy_tofrom_user(to, from, len);
347 }
348
349 #define __copy_in_user(to, from, len) __copy_tofrom_user(to, from, len)
350
351 static inline unsigned long
copy_in_user(void * to,const void * from,unsigned long len)352 copy_in_user(void *to, const void *from, unsigned long len)
353 {
354 if (access_ok(VERIFY_READ, from, len) &&
355 access_ok(VERFITY_WRITE, to, len))
356 return __copy_tofrom_user(to, from, len);
357 }
358
359 /*
360 * __clear_user: - Zero a block of memory in user space, with less checking.
361 * @to: Destination address, in user space.
362 * @n: Number of bytes to zero.
363 *
364 * Zero a block of memory in user space. Caller must check
365 * the specified block with access_ok() before calling this function.
366 *
367 * Returns number of bytes that could not be cleared.
368 * On success, this will be zero.
369 */
370 extern unsigned long __clear_user(void __user *src, unsigned long size);
371
clear_user(char * src,unsigned long size)372 static inline unsigned long clear_user(char *src, unsigned long size)
373 {
374 if (access_ok(VERIFY_WRITE, src, size))
375 return __clear_user(src, size);
376
377 return -EFAULT;
378 }
379 /*
380 * __strncpy_from_user: - Copy a NUL terminated string from userspace, with less checking.
381 * @dst: Destination address, in kernel space. This buffer must be at
382 * least @count bytes long.
383 * @src: Source address, in user space.
384 * @count: Maximum number of bytes to copy, including the trailing NUL.
385 *
386 * Copies a NUL-terminated string from userspace to kernel space.
387 * Caller must check the specified block with access_ok() before calling
388 * this function.
389 *
390 * On success, returns the length of the string (not including the trailing
391 * NUL).
392 *
393 * If access to userspace fails, returns -EFAULT (some data may have been
394 * copied).
395 *
396 * If @count is smaller than the length of the string, copies @count bytes
397 * and returns @count.
398 */
399 extern int __strncpy_from_user(char *dst, const char *src, long len);
400
strncpy_from_user(char * dst,const char * src,long len)401 static inline int strncpy_from_user(char *dst, const char *src, long len)
402 {
403 if (access_ok(VERIFY_READ, src, 1))
404 return __strncpy_from_user(dst, src, len);
405
406 return -EFAULT;
407 }
408
409 extern int __strlen_user(const char *src);
strlen_user(const char __user * src)410 static inline long strlen_user(const char __user *src)
411 {
412 return __strlen_user(src);
413 }
414
415 extern int __strnlen_user(const char *str, long len);
strnlen_user(const char __user * str,long len)416 static inline long strnlen_user(const char __user *str, long len)
417 {
418 if (!access_ok(VERIFY_READ, str, 0))
419 return 0;
420 else
421 return __strnlen_user(str, len);
422 }
423
424 #endif /* __SCORE_UACCESS_H */
425
426