Loading...
1/*
2 * include/asm-s390/uaccess.h
3 *
4 * S390 version
5 * Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
6 * Author(s): Hartmut Penner (hp@de.ibm.com),
7 * Martin Schwidefsky (schwidefsky@de.ibm.com)
8 *
9 * Derived from "include/asm-i386/uaccess.h"
10 */
11#ifndef __S390_UACCESS_H
12#define __S390_UACCESS_H
13
14/*
15 * User space memory access functions
16 */
17#include <linux/sched.h>
18#include <linux/errno.h>
19#include <asm/ctl_reg.h>
20
21#define VERIFY_READ 0
22#define VERIFY_WRITE 1
23
24
25/*
26 * The fs value determines whether argument validity checking should be
27 * performed or not. If get_fs() == USER_DS, checking is performed, with
28 * get_fs() == KERNEL_DS, checking is bypassed.
29 *
30 * For historical reasons, these macros are grossly misnamed.
31 */
32
33#define MAKE_MM_SEG(a) ((mm_segment_t) { (a) })
34
35
36#define KERNEL_DS MAKE_MM_SEG(0)
37#define USER_DS MAKE_MM_SEG(1)
38
39#define get_ds() (KERNEL_DS)
40#define get_fs() (current->thread.mm_segment)
41
42#define set_fs(x) \
43({ \
44 unsigned long __pto; \
45 current->thread.mm_segment = (x); \
46 __pto = current->thread.mm_segment.ar4 ? \
47 S390_lowcore.user_asce : S390_lowcore.kernel_asce; \
48 __ctl_load(__pto, 7, 7); \
49})
50
51#define segment_eq(a,b) ((a).ar4 == (b).ar4)
52
53static inline int __range_ok(unsigned long addr, unsigned long size)
54{
55 return 1;
56}
57
58#define __access_ok(addr, size) \
59({ \
60 __chk_user_ptr(addr); \
61 __range_ok((unsigned long)(addr), (size)); \
62})
63
64#define access_ok(type, addr, size) __access_ok(addr, size)
65
66/*
67 * The exception table consists of pairs of addresses: the first is the
68 * address of an instruction that is allowed to fault, and the second is
69 * the address at which the program should continue. No registers are
70 * modified, so it is entirely up to the continuation code to figure out
71 * what to do.
72 *
73 * All the routines below use bits of fixup code that are out of line
74 * with the main instruction path. This means when everything is well,
75 * we don't even have to jump over them. Further, they do not intrude
76 * on our cache or tlb entries.
77 */
78
79struct exception_table_entry
80{
81 unsigned long insn, fixup;
82};
83
84struct uaccess_ops {
85 size_t (*copy_from_user)(size_t, const void __user *, void *);
86 size_t (*copy_from_user_small)(size_t, const void __user *, void *);
87 size_t (*copy_to_user)(size_t, void __user *, const void *);
88 size_t (*copy_to_user_small)(size_t, void __user *, const void *);
89 size_t (*copy_in_user)(size_t, void __user *, const void __user *);
90 size_t (*clear_user)(size_t, void __user *);
91 size_t (*strnlen_user)(size_t, const char __user *);
92 size_t (*strncpy_from_user)(size_t, const char __user *, char *);
93 int (*futex_atomic_op)(int op, u32 __user *, int oparg, int *old);
94 int (*futex_atomic_cmpxchg)(u32 *, u32 __user *, u32 old, u32 new);
95};
96
97extern struct uaccess_ops uaccess;
98extern struct uaccess_ops uaccess_std;
99extern struct uaccess_ops uaccess_mvcos;
100extern struct uaccess_ops uaccess_mvcos_switch;
101extern struct uaccess_ops uaccess_pt;
102
103extern int __handle_fault(unsigned long, unsigned long, int);
104
105static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
106{
107 size = uaccess.copy_to_user_small(size, ptr, x);
108 return size ? -EFAULT : size;
109}
110
111static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
112{
113 size = uaccess.copy_from_user_small(size, ptr, x);
114 return size ? -EFAULT : size;
115}
116
117/*
118 * These are the main single-value transfer routines. They automatically
119 * use the right size if we just have the right pointer type.
120 */
121#define __put_user(x, ptr) \
122({ \
123 __typeof__(*(ptr)) __x = (x); \
124 int __pu_err = -EFAULT; \
125 __chk_user_ptr(ptr); \
126 switch (sizeof (*(ptr))) { \
127 case 1: \
128 case 2: \
129 case 4: \
130 case 8: \
131 __pu_err = __put_user_fn(sizeof (*(ptr)), \
132 ptr, &__x); \
133 break; \
134 default: \
135 __put_user_bad(); \
136 break; \
137 } \
138 __pu_err; \
139})
140
141#define put_user(x, ptr) \
142({ \
143 might_fault(); \
144 __put_user(x, ptr); \
145})
146
147
148extern int __put_user_bad(void) __attribute__((noreturn));
149
150#define __get_user(x, ptr) \
151({ \
152 int __gu_err = -EFAULT; \
153 __chk_user_ptr(ptr); \
154 switch (sizeof(*(ptr))) { \
155 case 1: { \
156 unsigned char __x; \
157 __gu_err = __get_user_fn(sizeof (*(ptr)), \
158 ptr, &__x); \
159 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
160 break; \
161 }; \
162 case 2: { \
163 unsigned short __x; \
164 __gu_err = __get_user_fn(sizeof (*(ptr)), \
165 ptr, &__x); \
166 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
167 break; \
168 }; \
169 case 4: { \
170 unsigned int __x; \
171 __gu_err = __get_user_fn(sizeof (*(ptr)), \
172 ptr, &__x); \
173 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
174 break; \
175 }; \
176 case 8: { \
177 unsigned long long __x; \
178 __gu_err = __get_user_fn(sizeof (*(ptr)), \
179 ptr, &__x); \
180 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
181 break; \
182 }; \
183 default: \
184 __get_user_bad(); \
185 break; \
186 } \
187 __gu_err; \
188})
189
190#define get_user(x, ptr) \
191({ \
192 might_fault(); \
193 __get_user(x, ptr); \
194})
195
196extern int __get_user_bad(void) __attribute__((noreturn));
197
198#define __put_user_unaligned __put_user
199#define __get_user_unaligned __get_user
200
201/**
202 * __copy_to_user: - Copy a block of data into user space, with less checking.
203 * @to: Destination address, in user space.
204 * @from: Source address, in kernel space.
205 * @n: Number of bytes to copy.
206 *
207 * Context: User context only. This function may sleep.
208 *
209 * Copy data from kernel space to user space. Caller must check
210 * the specified block with access_ok() before calling this function.
211 *
212 * Returns number of bytes that could not be copied.
213 * On success, this will be zero.
214 */
215static inline unsigned long __must_check
216__copy_to_user(void __user *to, const void *from, unsigned long n)
217{
218 if (__builtin_constant_p(n) && (n <= 256))
219 return uaccess.copy_to_user_small(n, to, from);
220 else
221 return uaccess.copy_to_user(n, to, from);
222}
223
224#define __copy_to_user_inatomic __copy_to_user
225#define __copy_from_user_inatomic __copy_from_user
226
227/**
228 * copy_to_user: - Copy a block of data into user space.
229 * @to: Destination address, in user space.
230 * @from: Source address, in kernel space.
231 * @n: Number of bytes to copy.
232 *
233 * Context: User context only. This function may sleep.
234 *
235 * Copy data from kernel space to user space.
236 *
237 * Returns number of bytes that could not be copied.
238 * On success, this will be zero.
239 */
240static inline unsigned long __must_check
241copy_to_user(void __user *to, const void *from, unsigned long n)
242{
243 might_fault();
244 if (access_ok(VERIFY_WRITE, to, n))
245 n = __copy_to_user(to, from, n);
246 return n;
247}
248
249/**
250 * __copy_from_user: - Copy a block of data from user space, with less checking.
251 * @to: Destination address, in kernel space.
252 * @from: Source address, in user space.
253 * @n: Number of bytes to copy.
254 *
255 * Context: User context only. This function may sleep.
256 *
257 * Copy data from user space to kernel space. Caller must check
258 * the specified block with access_ok() before calling this function.
259 *
260 * Returns number of bytes that could not be copied.
261 * On success, this will be zero.
262 *
263 * If some data could not be copied, this function will pad the copied
264 * data to the requested size using zero bytes.
265 */
266static inline unsigned long __must_check
267__copy_from_user(void *to, const void __user *from, unsigned long n)
268{
269 if (__builtin_constant_p(n) && (n <= 256))
270 return uaccess.copy_from_user_small(n, from, to);
271 else
272 return uaccess.copy_from_user(n, from, to);
273}
274
275extern void copy_from_user_overflow(void)
276#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
277__compiletime_warning("copy_from_user() buffer size is not provably correct")
278#endif
279;
280
281/**
282 * copy_from_user: - Copy a block of data from user space.
283 * @to: Destination address, in kernel space.
284 * @from: Source address, in user space.
285 * @n: Number of bytes to copy.
286 *
287 * Context: User context only. This function may sleep.
288 *
289 * Copy data from user space to kernel space.
290 *
291 * Returns number of bytes that could not be copied.
292 * On success, this will be zero.
293 *
294 * If some data could not be copied, this function will pad the copied
295 * data to the requested size using zero bytes.
296 */
297static inline unsigned long __must_check
298copy_from_user(void *to, const void __user *from, unsigned long n)
299{
300 unsigned int sz = __compiletime_object_size(to);
301
302 might_fault();
303 if (unlikely(sz != -1 && sz < n)) {
304 copy_from_user_overflow();
305 return n;
306 }
307 if (access_ok(VERIFY_READ, from, n))
308 n = __copy_from_user(to, from, n);
309 else
310 memset(to, 0, n);
311 return n;
312}
313
314static inline unsigned long __must_check
315__copy_in_user(void __user *to, const void __user *from, unsigned long n)
316{
317 return uaccess.copy_in_user(n, to, from);
318}
319
320static inline unsigned long __must_check
321copy_in_user(void __user *to, const void __user *from, unsigned long n)
322{
323 might_fault();
324 if (__access_ok(from,n) && __access_ok(to,n))
325 n = __copy_in_user(to, from, n);
326 return n;
327}
328
329/*
330 * Copy a null terminated string from userspace.
331 */
332static inline long __must_check
333strncpy_from_user(char *dst, const char __user *src, long count)
334{
335 long res = -EFAULT;
336 might_fault();
337 if (access_ok(VERIFY_READ, src, 1))
338 res = uaccess.strncpy_from_user(count, src, dst);
339 return res;
340}
341
342static inline unsigned long
343strnlen_user(const char __user * src, unsigned long n)
344{
345 might_fault();
346 return uaccess.strnlen_user(n, src);
347}
348
349/**
350 * strlen_user: - Get the size of a string in user space.
351 * @str: The string to measure.
352 *
353 * Context: User context only. This function may sleep.
354 *
355 * Get the size of a NUL-terminated string in user space.
356 *
357 * Returns the size of the string INCLUDING the terminating NUL.
358 * On exception, returns 0.
359 *
360 * If there is a limit on the length of a valid string, you may wish to
361 * consider using strnlen_user() instead.
362 */
363#define strlen_user(str) strnlen_user(str, ~0UL)
364
365/*
366 * Zero Userspace
367 */
368
369static inline unsigned long __must_check
370__clear_user(void __user *to, unsigned long n)
371{
372 return uaccess.clear_user(n, to);
373}
374
375static inline unsigned long __must_check
376clear_user(void __user *to, unsigned long n)
377{
378 might_fault();
379 if (access_ok(VERIFY_WRITE, to, n))
380 n = uaccess.clear_user(n, to);
381 return n;
382}
383
384extern int memcpy_real(void *, void *, size_t);
385extern void memcpy_absolute(void *, void *, size_t);
386extern int copy_to_user_real(void __user *dest, void *src, size_t count);
387extern int copy_from_user_real(void *dest, void __user *src, size_t count);
388
389#endif /* __S390_UACCESS_H */
1/*
2 * S390 version
3 * Copyright IBM Corp. 1999, 2000
4 * Author(s): Hartmut Penner (hp@de.ibm.com),
5 * Martin Schwidefsky (schwidefsky@de.ibm.com)
6 *
7 * Derived from "include/asm-i386/uaccess.h"
8 */
9#ifndef __S390_UACCESS_H
10#define __S390_UACCESS_H
11
12/*
13 * User space memory access functions
14 */
15#include <linux/sched.h>
16#include <linux/errno.h>
17#include <asm/ctl_reg.h>
18
19#define VERIFY_READ 0
20#define VERIFY_WRITE 1
21
22
23/*
24 * The fs value determines whether argument validity checking should be
25 * performed or not. If get_fs() == USER_DS, checking is performed, with
26 * get_fs() == KERNEL_DS, checking is bypassed.
27 *
28 * For historical reasons, these macros are grossly misnamed.
29 */
30
31#define MAKE_MM_SEG(a) ((mm_segment_t) { (a) })
32
33
34#define KERNEL_DS MAKE_MM_SEG(0)
35#define USER_DS MAKE_MM_SEG(1)
36
37#define get_ds() (KERNEL_DS)
38#define get_fs() (current->thread.mm_segment)
39
40#define set_fs(x) \
41({ \
42 unsigned long __pto; \
43 current->thread.mm_segment = (x); \
44 __pto = current->thread.mm_segment.ar4 ? \
45 S390_lowcore.user_asce : S390_lowcore.kernel_asce; \
46 __ctl_load(__pto, 7, 7); \
47})
48
49#define segment_eq(a,b) ((a).ar4 == (b).ar4)
50
51static inline int __range_ok(unsigned long addr, unsigned long size)
52{
53 return 1;
54}
55
56#define __access_ok(addr, size) \
57({ \
58 __chk_user_ptr(addr); \
59 __range_ok((unsigned long)(addr), (size)); \
60})
61
62#define access_ok(type, addr, size) __access_ok(addr, size)
63
64/*
65 * The exception table consists of pairs of addresses: the first is the
66 * address of an instruction that is allowed to fault, and the second is
67 * the address at which the program should continue. No registers are
68 * modified, so it is entirely up to the continuation code to figure out
69 * what to do.
70 *
71 * All the routines below use bits of fixup code that are out of line
72 * with the main instruction path. This means when everything is well,
73 * we don't even have to jump over them. Further, they do not intrude
74 * on our cache or tlb entries.
75 */
76
77struct exception_table_entry
78{
79 int insn, fixup;
80};
81
82static inline unsigned long extable_insn(const struct exception_table_entry *x)
83{
84 return (unsigned long)&x->insn + x->insn;
85}
86
87static inline unsigned long extable_fixup(const struct exception_table_entry *x)
88{
89 return (unsigned long)&x->fixup + x->fixup;
90}
91
92#define ARCH_HAS_SORT_EXTABLE
93#define ARCH_HAS_SEARCH_EXTABLE
94
95/**
96 * __copy_from_user: - Copy a block of data from user space, with less checking.
97 * @to: Destination address, in kernel space.
98 * @from: Source address, in user space.
99 * @n: Number of bytes to copy.
100 *
101 * Context: User context only. This function may sleep.
102 *
103 * Copy data from user space to kernel space. Caller must check
104 * the specified block with access_ok() before calling this function.
105 *
106 * Returns number of bytes that could not be copied.
107 * On success, this will be zero.
108 *
109 * If some data could not be copied, this function will pad the copied
110 * data to the requested size using zero bytes.
111 */
112unsigned long __must_check __copy_from_user(void *to, const void __user *from,
113 unsigned long n);
114
115/**
116 * __copy_to_user: - Copy a block of data into user space, with less checking.
117 * @to: Destination address, in user space.
118 * @from: Source address, in kernel space.
119 * @n: Number of bytes to copy.
120 *
121 * Context: User context only. This function may sleep.
122 *
123 * Copy data from kernel space to user space. Caller must check
124 * the specified block with access_ok() before calling this function.
125 *
126 * Returns number of bytes that could not be copied.
127 * On success, this will be zero.
128 */
129unsigned long __must_check __copy_to_user(void __user *to, const void *from,
130 unsigned long n);
131
132#define __copy_to_user_inatomic __copy_to_user
133#define __copy_from_user_inatomic __copy_from_user
134
135static inline int __put_user_fn(void *x, void __user *ptr, unsigned long size)
136{
137 size = __copy_to_user(ptr, x, size);
138 return size ? -EFAULT : 0;
139}
140
141static inline int __get_user_fn(void *x, const void __user *ptr, unsigned long size)
142{
143 size = __copy_from_user(x, ptr, size);
144 return size ? -EFAULT : 0;
145}
146
147/*
148 * These are the main single-value transfer routines. They automatically
149 * use the right size if we just have the right pointer type.
150 */
151#define __put_user(x, ptr) \
152({ \
153 __typeof__(*(ptr)) __x = (x); \
154 int __pu_err = -EFAULT; \
155 __chk_user_ptr(ptr); \
156 switch (sizeof (*(ptr))) { \
157 case 1: \
158 case 2: \
159 case 4: \
160 case 8: \
161 __pu_err = __put_user_fn(&__x, ptr, \
162 sizeof(*(ptr))); \
163 break; \
164 default: \
165 __put_user_bad(); \
166 break; \
167 } \
168 __pu_err; \
169})
170
171#define put_user(x, ptr) \
172({ \
173 might_fault(); \
174 __put_user(x, ptr); \
175})
176
177
178int __put_user_bad(void) __attribute__((noreturn));
179
180#define __get_user(x, ptr) \
181({ \
182 int __gu_err = -EFAULT; \
183 __chk_user_ptr(ptr); \
184 switch (sizeof(*(ptr))) { \
185 case 1: { \
186 unsigned char __x; \
187 __gu_err = __get_user_fn(&__x, ptr, \
188 sizeof(*(ptr))); \
189 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
190 break; \
191 }; \
192 case 2: { \
193 unsigned short __x; \
194 __gu_err = __get_user_fn(&__x, ptr, \
195 sizeof(*(ptr))); \
196 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
197 break; \
198 }; \
199 case 4: { \
200 unsigned int __x; \
201 __gu_err = __get_user_fn(&__x, ptr, \
202 sizeof(*(ptr))); \
203 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
204 break; \
205 }; \
206 case 8: { \
207 unsigned long long __x; \
208 __gu_err = __get_user_fn(&__x, ptr, \
209 sizeof(*(ptr))); \
210 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
211 break; \
212 }; \
213 default: \
214 __get_user_bad(); \
215 break; \
216 } \
217 __gu_err; \
218})
219
220#define get_user(x, ptr) \
221({ \
222 might_fault(); \
223 __get_user(x, ptr); \
224})
225
226int __get_user_bad(void) __attribute__((noreturn));
227
228#define __put_user_unaligned __put_user
229#define __get_user_unaligned __get_user
230
231/**
232 * copy_to_user: - Copy a block of data into user space.
233 * @to: Destination address, in user space.
234 * @from: Source address, in kernel space.
235 * @n: Number of bytes to copy.
236 *
237 * Context: User context only. This function may sleep.
238 *
239 * Copy data from kernel space to user space.
240 *
241 * Returns number of bytes that could not be copied.
242 * On success, this will be zero.
243 */
244static inline unsigned long __must_check
245copy_to_user(void __user *to, const void *from, unsigned long n)
246{
247 might_fault();
248 return __copy_to_user(to, from, n);
249}
250
251void copy_from_user_overflow(void)
252#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
253__compiletime_warning("copy_from_user() buffer size is not provably correct")
254#endif
255;
256
257/**
258 * copy_from_user: - Copy a block of data from user space.
259 * @to: Destination address, in kernel space.
260 * @from: Source address, in user space.
261 * @n: Number of bytes to copy.
262 *
263 * Context: User context only. This function may sleep.
264 *
265 * Copy data from user space to kernel space.
266 *
267 * Returns number of bytes that could not be copied.
268 * On success, this will be zero.
269 *
270 * If some data could not be copied, this function will pad the copied
271 * data to the requested size using zero bytes.
272 */
273static inline unsigned long __must_check
274copy_from_user(void *to, const void __user *from, unsigned long n)
275{
276 unsigned int sz = __compiletime_object_size(to);
277
278 might_fault();
279 if (unlikely(sz != -1 && sz < n)) {
280 copy_from_user_overflow();
281 return n;
282 }
283 return __copy_from_user(to, from, n);
284}
285
286unsigned long __must_check
287__copy_in_user(void __user *to, const void __user *from, unsigned long n);
288
289static inline unsigned long __must_check
290copy_in_user(void __user *to, const void __user *from, unsigned long n)
291{
292 might_fault();
293 return __copy_in_user(to, from, n);
294}
295
296/*
297 * Copy a null terminated string from userspace.
298 */
299
300long __strncpy_from_user(char *dst, const char __user *src, long count);
301
302static inline long __must_check
303strncpy_from_user(char *dst, const char __user *src, long count)
304{
305 might_fault();
306 return __strncpy_from_user(dst, src, count);
307}
308
309unsigned long __must_check __strnlen_user(const char __user *src, unsigned long count);
310
311static inline unsigned long strnlen_user(const char __user *src, unsigned long n)
312{
313 might_fault();
314 return __strnlen_user(src, n);
315}
316
317/**
318 * strlen_user: - Get the size of a string in user space.
319 * @str: The string to measure.
320 *
321 * Context: User context only. This function may sleep.
322 *
323 * Get the size of a NUL-terminated string in user space.
324 *
325 * Returns the size of the string INCLUDING the terminating NUL.
326 * On exception, returns 0.
327 *
328 * If there is a limit on the length of a valid string, you may wish to
329 * consider using strnlen_user() instead.
330 */
331#define strlen_user(str) strnlen_user(str, ~0UL)
332
333/*
334 * Zero Userspace
335 */
336unsigned long __must_check __clear_user(void __user *to, unsigned long size);
337
338static inline unsigned long __must_check clear_user(void __user *to, unsigned long n)
339{
340 might_fault();
341 return __clear_user(to, n);
342}
343
344int copy_to_user_real(void __user *dest, void *src, unsigned long count);
345
346#endif /* __S390_UACCESS_H */