Linux Audio

Check our new training course

Open Menu / lib / usercopy.c
Loading...
v3.15
1#include <linux/export.h>
2#include <linux/bug.h>
 
 
3#include <linux/uaccess.h>
4
5void copy_from_user_overflow(void)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
6{
7	WARN(1, "Buffer overflow detected!\n");
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
8}
9EXPORT_SYMBOL(copy_from_user_overflow);
v6.2
 1// SPDX-License-Identifier: GPL-2.0
 2#include <linux/bitops.h>
 3#include <linux/fault-inject-usercopy.h>
 4#include <linux/instrumented.h>
 5#include <linux/uaccess.h>
 6
 7/* out-of-line parts */
 8
 9#ifndef INLINE_COPY_FROM_USER
10unsigned long _copy_from_user(void *to, const void __user *from, unsigned long n)
11{
12	unsigned long res = n;
13	might_fault();
14	if (!should_fail_usercopy() && likely(access_ok(from, n))) {
15		instrument_copy_from_user_before(to, from, n);
16		res = raw_copy_from_user(to, from, n);
17		instrument_copy_from_user_after(to, from, n, res);
18	}
19	if (unlikely(res))
20		memset(to + (n - res), 0, res);
21	return res;
22}
23EXPORT_SYMBOL(_copy_from_user);
24#endif
25
26#ifndef INLINE_COPY_TO_USER
27unsigned long _copy_to_user(void __user *to, const void *from, unsigned long n)
28{
29	might_fault();
30	if (should_fail_usercopy())
31		return n;
32	if (likely(access_ok(to, n))) {
33		instrument_copy_to_user(to, from, n);
34		n = raw_copy_to_user(to, from, n);
35	}
36	return n;
37}
38EXPORT_SYMBOL(_copy_to_user);
39#endif
40
41/**
42 * check_zeroed_user: check if a userspace buffer only contains zero bytes
43 * @from: Source address, in userspace.
44 * @size: Size of buffer.
45 *
46 * This is effectively shorthand for "memchr_inv(from, 0, size) == NULL" for
47 * userspace addresses (and is more efficient because we don't care where the
48 * first non-zero byte is).
49 *
50 * Returns:
51 *  * 0: There were non-zero bytes present in the buffer.
52 *  * 1: The buffer was full of zero bytes.
53 *  * -EFAULT: access to userspace failed.
54 */
55int check_zeroed_user(const void __user *from, size_t size)
56{
57	unsigned long val;
58	uintptr_t align = (uintptr_t) from % sizeof(unsigned long);
59
60	if (unlikely(size == 0))
61		return 1;
62
63	from -= align;
64	size += align;
65
66	if (!user_read_access_begin(from, size))
67		return -EFAULT;
68
69	unsafe_get_user(val, (unsigned long __user *) from, err_fault);
70	if (align)
71		val &= ~aligned_byte_mask(align);
72
73	while (size > sizeof(unsigned long)) {
74		if (unlikely(val))
75			goto done;
76
77		from += sizeof(unsigned long);
78		size -= sizeof(unsigned long);
79
80		unsafe_get_user(val, (unsigned long __user *) from, err_fault);
81	}
82
83	if (size < sizeof(unsigned long))
84		val &= aligned_byte_mask(size);
85
86done:
87	user_read_access_end();
88	return (val == 0);
89err_fault:
90	user_read_access_end();
91	return -EFAULT;
92}
93EXPORT_SYMBOL(check_zeroed_user);