1#include <linux/module.h>
 
 
 
 
  2#include <linux/uaccess.h>
  3#include <linux/kernel.h>
  4#include <linux/errno.h>
 
  5
  6#include <asm/byteorder.h>
  7#include <asm/word-at-a-time.h>
  8
  9#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
 10#define IS_UNALIGNED(src, dst)	0
 11#else
 12#define IS_UNALIGNED(src, dst)	\
 13	(((long) dst | (long) src) & (sizeof(long) - 1))
 14#endif
 15
 16/*
 17 * Do a strncpy, return length of string without final '\0'.
 18 * 'count' is the user-supplied count (return 'count' if we
 19 * hit it), 'max' is the address space maximum (and we return
 20 * -EFAULT if we hit it).
 21 */
 22static inline long do_strncpy_from_user(char *dst, const char __user *src, long count, unsigned long max)
 
 23{
 24	const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
 25	long res = 0;
 26
 27	/*
 28	 * Truncate 'max' to the user-specified limit, so that
 29	 * we only have one limit we need to check in the loop
 30	 */
 31	if (max > count)
 32		max = count;
 33
 34	if (IS_UNALIGNED(src, dst))
 35		goto byte_at_a_time;
 36
 37	while (max >= sizeof(unsigned long)) {
 38		unsigned long c, data;
 39
 40		/* Fall back to byte-at-a-time if we get a page fault */
 41		if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
 42			break;
 43		*(unsigned long *)(dst+res) = c;
 44		if (has_zero(c, &data, &constants)) {
 45			data = prep_zero_mask(c, data, &constants);
 46			data = create_zero_mask(data);
 47			return res + find_zero(data);
 48		}
 49		res += sizeof(unsigned long);
 50		max -= sizeof(unsigned long);
 51	}
 52
 53byte_at_a_time:
 54	while (max) {
 55		char c;
 56
 57		if (unlikely(__get_user(c,src+res)))
 58			return -EFAULT;
 59		dst[res] = c;
 60		if (!c)
 61			return res;
 62		res++;
 63		max--;
 64	}
 65
 66	/*
 67	 * Uhhuh. We hit 'max'. But was that the user-specified maximum
 68	 * too? If so, that's ok - we got as much as the user asked for.
 69	 */
 70	if (res >= count)
 71		return res;
 72
 73	/*
 74	 * Nope: we hit the address space limit, and we still had more
 75	 * characters the caller would have wanted. That's an EFAULT.
 76	 */
 
 77	return -EFAULT;
 78}
 79
 80/**
 81 * strncpy_from_user: - Copy a NUL terminated string from userspace.
 82 * @dst:   Destination address, in kernel space.  This buffer must be at
 83 *         least @count bytes long.
 84 * @src:   Source address, in user space.
 85 * @count: Maximum number of bytes to copy, including the trailing NUL.
 86 *
 87 * Copies a NUL-terminated string from userspace to kernel space.
 88 *
 89 * On success, returns the length of the string (not including the trailing
 90 * NUL).
 91 *
 92 * If access to userspace fails, returns -EFAULT (some data may have been
 93 * copied).
 94 *
 95 * If @count is smaller than the length of the string, copies @count bytes
 96 * and returns @count.
 97 */
 98long strncpy_from_user(char *dst, const char __user *src, long count)
 99{
100	unsigned long max_addr, src_addr;
101
 
102	if (unlikely(count <= 0))
103		return 0;
104
105	max_addr = user_addr_max();
106	src_addr = (unsigned long)src;
107	if (likely(src_addr < max_addr)) {
108		unsigned long max = max_addr - src_addr;
109		return do_strncpy_from_user(dst, src, count, max);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
110	}
111	return -EFAULT;
112}
113EXPORT_SYMBOL(strncpy_from_user);

  1// SPDX-License-Identifier: GPL-2.0
  2#include <linux/compiler.h>
  3#include <linux/export.h>
  4#include <linux/kasan-checks.h>
  5#include <linux/thread_info.h>
  6#include <linux/uaccess.h>
  7#include <linux/kernel.h>
  8#include <linux/errno.h>
  9#include <linux/mm.h>
 10
 11#include <asm/byteorder.h>
 12#include <asm/word-at-a-time.h>
 13
 14#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
 15#define IS_UNALIGNED(src, dst)	0
 16#else
 17#define IS_UNALIGNED(src, dst)	\
 18	(((long) dst | (long) src) & (sizeof(long) - 1))
 19#endif
 20
 21/*
 22 * Do a strncpy, return length of string without final '\0'.
 23 * 'count' is the user-supplied count (return 'count' if we
 24 * hit it), 'max' is the address space maximum (and we return
 25 * -EFAULT if we hit it).
 26 */
 27static inline long do_strncpy_from_user(char *dst, const char __user *src,
 28					unsigned long count, unsigned long max)
 29{
 30	const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
 31	unsigned long res = 0;
 
 
 
 
 
 
 
 32
 33	if (IS_UNALIGNED(src, dst))
 34		goto byte_at_a_time;
 35
 36	while (max >= sizeof(unsigned long)) {
 37		unsigned long c, data;
 38
 39		/* Fall back to byte-at-a-time if we get a page fault */
 40		unsafe_get_user(c, (unsigned long __user *)(src+res), byte_at_a_time);
 41
 42		*(unsigned long *)(dst+res) = c;
 43		if (has_zero(c, &data, &constants)) {
 44			data = prep_zero_mask(c, data, &constants);
 45			data = create_zero_mask(data);
 46			return res + find_zero(data);
 47		}
 48		res += sizeof(unsigned long);
 49		max -= sizeof(unsigned long);
 50	}
 51
 52byte_at_a_time:
 53	while (max) {
 54		char c;
 55
 56		unsafe_get_user(c,src+res, efault);
 
 57		dst[res] = c;
 58		if (!c)
 59			return res;
 60		res++;
 61		max--;
 62	}
 63
 64	/*
 65	 * Uhhuh. We hit 'max'. But was that the user-specified maximum
 66	 * too? If so, that's ok - we got as much as the user asked for.
 67	 */
 68	if (res >= count)
 69		return res;
 70
 71	/*
 72	 * Nope: we hit the address space limit, and we still had more
 73	 * characters the caller would have wanted. That's an EFAULT.
 74	 */
 75efault:
 76	return -EFAULT;
 77}
 78
 79/**
 80 * strncpy_from_user: - Copy a NUL terminated string from userspace.
 81 * @dst:   Destination address, in kernel space.  This buffer must be at
 82 *         least @count bytes long.
 83 * @src:   Source address, in user space.
 84 * @count: Maximum number of bytes to copy, including the trailing NUL.
 85 *
 86 * Copies a NUL-terminated string from userspace to kernel space.
 87 *
 88 * On success, returns the length of the string (not including the trailing
 89 * NUL).
 90 *
 91 * If access to userspace fails, returns -EFAULT (some data may have been
 92 * copied).
 93 *
 94 * If @count is smaller than the length of the string, copies @count bytes
 95 * and returns @count.
 96 */
 97long strncpy_from_user(char *dst, const char __user *src, long count)
 98{
 99	unsigned long max_addr, src_addr;
100
101	might_fault();
102	if (unlikely(count <= 0))
103		return 0;
104
105	max_addr = user_addr_max();
106	src_addr = (unsigned long)untagged_addr(src);
107	if (likely(src_addr < max_addr)) {
108		unsigned long max = max_addr - src_addr;
109		long retval;
110
111		/*
112		 * Truncate 'max' to the user-specified limit, so that
113		 * we only have one limit we need to check in the loop
114		 */
115		if (max > count)
116			max = count;
117
118		kasan_check_write(dst, count);
119		check_object_size(dst, count, false);
120		if (user_read_access_begin(src, max)) {
121			retval = do_strncpy_from_user(dst, src, count, max);
122			user_read_access_end();
123			return retval;
124		}
125	}
126	return -EFAULT;
127}
128EXPORT_SYMBOL(strncpy_from_user);