Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Helpers for formatting and printing strings
4 *
5 * Copyright 31 August 2008 James Bottomley
6 * Copyright (C) 2013, Intel Corporation
7 */
8#include <linux/bug.h>
9#include <linux/kernel.h>
10#include <linux/math64.h>
11#include <linux/export.h>
12#include <linux/ctype.h>
13#include <linux/errno.h>
14#include <linux/fs.h>
15#include <linux/limits.h>
16#include <linux/mm.h>
17#include <linux/slab.h>
18#include <linux/string.h>
19#include <linux/string_helpers.h>
20
21/**
22 * string_get_size - get the size in the specified units
23 * @size: The size to be converted in blocks
24 * @blk_size: Size of the block (use 1 for size in bytes)
25 * @units: units to use (powers of 1000 or 1024)
26 * @buf: buffer to format to
27 * @len: length of buffer
28 *
29 * This function returns a string formatted to 3 significant figures
30 * giving the size in the required units. @buf should have room for
31 * at least 9 bytes and will always be zero terminated.
32 *
33 */
34void string_get_size(u64 size, u64 blk_size, const enum string_size_units units,
35 char *buf, int len)
36{
37 static const char *const units_10[] = {
38 "B", "kB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB"
39 };
40 static const char *const units_2[] = {
41 "B", "KiB", "MiB", "GiB", "TiB", "PiB", "EiB", "ZiB", "YiB"
42 };
43 static const char *const *const units_str[] = {
44 [STRING_UNITS_10] = units_10,
45 [STRING_UNITS_2] = units_2,
46 };
47 static const unsigned int divisor[] = {
48 [STRING_UNITS_10] = 1000,
49 [STRING_UNITS_2] = 1024,
50 };
51 static const unsigned int rounding[] = { 500, 50, 5 };
52 int i = 0, j;
53 u32 remainder = 0, sf_cap;
54 char tmp[8];
55 const char *unit;
56
57 tmp[0] = '\0';
58
59 if (blk_size == 0)
60 size = 0;
61 if (size == 0)
62 goto out;
63
64 /* This is Napier's algorithm. Reduce the original block size to
65 *
66 * coefficient * divisor[units]^i
67 *
68 * we do the reduction so both coefficients are just under 32 bits so
69 * that multiplying them together won't overflow 64 bits and we keep
70 * as much precision as possible in the numbers.
71 *
72 * Note: it's safe to throw away the remainders here because all the
73 * precision is in the coefficients.
74 */
75 while (blk_size >> 32) {
76 do_div(blk_size, divisor[units]);
77 i++;
78 }
79
80 while (size >> 32) {
81 do_div(size, divisor[units]);
82 i++;
83 }
84
85 /* now perform the actual multiplication keeping i as the sum of the
86 * two logarithms */
87 size *= blk_size;
88
89 /* and logarithmically reduce it until it's just under the divisor */
90 while (size >= divisor[units]) {
91 remainder = do_div(size, divisor[units]);
92 i++;
93 }
94
95 /* work out in j how many digits of precision we need from the
96 * remainder */
97 sf_cap = size;
98 for (j = 0; sf_cap*10 < 1000; j++)
99 sf_cap *= 10;
100
101 if (units == STRING_UNITS_2) {
102 /* express the remainder as a decimal. It's currently the
103 * numerator of a fraction whose denominator is
104 * divisor[units], which is 1 << 10 for STRING_UNITS_2 */
105 remainder *= 1000;
106 remainder >>= 10;
107 }
108
109 /* add a 5 to the digit below what will be printed to ensure
110 * an arithmetical round up and carry it through to size */
111 remainder += rounding[j];
112 if (remainder >= 1000) {
113 remainder -= 1000;
114 size += 1;
115 }
116
117 if (j) {
118 snprintf(tmp, sizeof(tmp), ".%03u", remainder);
119 tmp[j+1] = '\0';
120 }
121
122 out:
123 if (i >= ARRAY_SIZE(units_2))
124 unit = "UNK";
125 else
126 unit = units_str[units][i];
127
128 snprintf(buf, len, "%u%s %s", (u32)size,
129 tmp, unit);
130}
131EXPORT_SYMBOL(string_get_size);
132
133static bool unescape_space(char **src, char **dst)
134{
135 char *p = *dst, *q = *src;
136
137 switch (*q) {
138 case 'n':
139 *p = '\n';
140 break;
141 case 'r':
142 *p = '\r';
143 break;
144 case 't':
145 *p = '\t';
146 break;
147 case 'v':
148 *p = '\v';
149 break;
150 case 'f':
151 *p = '\f';
152 break;
153 default:
154 return false;
155 }
156 *dst += 1;
157 *src += 1;
158 return true;
159}
160
161static bool unescape_octal(char **src, char **dst)
162{
163 char *p = *dst, *q = *src;
164 u8 num;
165
166 if (isodigit(*q) == 0)
167 return false;
168
169 num = (*q++) & 7;
170 while (num < 32 && isodigit(*q) && (q - *src < 3)) {
171 num <<= 3;
172 num += (*q++) & 7;
173 }
174 *p = num;
175 *dst += 1;
176 *src = q;
177 return true;
178}
179
180static bool unescape_hex(char **src, char **dst)
181{
182 char *p = *dst, *q = *src;
183 int digit;
184 u8 num;
185
186 if (*q++ != 'x')
187 return false;
188
189 num = digit = hex_to_bin(*q++);
190 if (digit < 0)
191 return false;
192
193 digit = hex_to_bin(*q);
194 if (digit >= 0) {
195 q++;
196 num = (num << 4) | digit;
197 }
198 *p = num;
199 *dst += 1;
200 *src = q;
201 return true;
202}
203
204static bool unescape_special(char **src, char **dst)
205{
206 char *p = *dst, *q = *src;
207
208 switch (*q) {
209 case '\"':
210 *p = '\"';
211 break;
212 case '\\':
213 *p = '\\';
214 break;
215 case 'a':
216 *p = '\a';
217 break;
218 case 'e':
219 *p = '\e';
220 break;
221 default:
222 return false;
223 }
224 *dst += 1;
225 *src += 1;
226 return true;
227}
228
229/**
230 * string_unescape - unquote characters in the given string
231 * @src: source buffer (escaped)
232 * @dst: destination buffer (unescaped)
233 * @size: size of the destination buffer (0 to unlimit)
234 * @flags: combination of the flags.
235 *
236 * Description:
237 * The function unquotes characters in the given string.
238 *
239 * Because the size of the output will be the same as or less than the size of
240 * the input, the transformation may be performed in place.
241 *
242 * Caller must provide valid source and destination pointers. Be aware that
243 * destination buffer will always be NULL-terminated. Source string must be
244 * NULL-terminated as well. The supported flags are::
245 *
246 * UNESCAPE_SPACE:
247 * '\f' - form feed
248 * '\n' - new line
249 * '\r' - carriage return
250 * '\t' - horizontal tab
251 * '\v' - vertical tab
252 * UNESCAPE_OCTAL:
253 * '\NNN' - byte with octal value NNN (1 to 3 digits)
254 * UNESCAPE_HEX:
255 * '\xHH' - byte with hexadecimal value HH (1 to 2 digits)
256 * UNESCAPE_SPECIAL:
257 * '\"' - double quote
258 * '\\' - backslash
259 * '\a' - alert (BEL)
260 * '\e' - escape
261 * UNESCAPE_ANY:
262 * all previous together
263 *
264 * Return:
265 * The amount of the characters processed to the destination buffer excluding
266 * trailing '\0' is returned.
267 */
268int string_unescape(char *src, char *dst, size_t size, unsigned int flags)
269{
270 char *out = dst;
271
272 while (*src && --size) {
273 if (src[0] == '\\' && src[1] != '\0' && size > 1) {
274 src++;
275 size--;
276
277 if (flags & UNESCAPE_SPACE &&
278 unescape_space(&src, &out))
279 continue;
280
281 if (flags & UNESCAPE_OCTAL &&
282 unescape_octal(&src, &out))
283 continue;
284
285 if (flags & UNESCAPE_HEX &&
286 unescape_hex(&src, &out))
287 continue;
288
289 if (flags & UNESCAPE_SPECIAL &&
290 unescape_special(&src, &out))
291 continue;
292
293 *out++ = '\\';
294 }
295 *out++ = *src++;
296 }
297 *out = '\0';
298
299 return out - dst;
300}
301EXPORT_SYMBOL(string_unescape);
302
303static bool escape_passthrough(unsigned char c, char **dst, char *end)
304{
305 char *out = *dst;
306
307 if (out < end)
308 *out = c;
309 *dst = out + 1;
310 return true;
311}
312
313static bool escape_space(unsigned char c, char **dst, char *end)
314{
315 char *out = *dst;
316 unsigned char to;
317
318 switch (c) {
319 case '\n':
320 to = 'n';
321 break;
322 case '\r':
323 to = 'r';
324 break;
325 case '\t':
326 to = 't';
327 break;
328 case '\v':
329 to = 'v';
330 break;
331 case '\f':
332 to = 'f';
333 break;
334 default:
335 return false;
336 }
337
338 if (out < end)
339 *out = '\\';
340 ++out;
341 if (out < end)
342 *out = to;
343 ++out;
344
345 *dst = out;
346 return true;
347}
348
349static bool escape_special(unsigned char c, char **dst, char *end)
350{
351 char *out = *dst;
352 unsigned char to;
353
354 switch (c) {
355 case '\\':
356 to = '\\';
357 break;
358 case '\a':
359 to = 'a';
360 break;
361 case '\e':
362 to = 'e';
363 break;
364 default:
365 return false;
366 }
367
368 if (out < end)
369 *out = '\\';
370 ++out;
371 if (out < end)
372 *out = to;
373 ++out;
374
375 *dst = out;
376 return true;
377}
378
379static bool escape_null(unsigned char c, char **dst, char *end)
380{
381 char *out = *dst;
382
383 if (c)
384 return false;
385
386 if (out < end)
387 *out = '\\';
388 ++out;
389 if (out < end)
390 *out = '0';
391 ++out;
392
393 *dst = out;
394 return true;
395}
396
397static bool escape_octal(unsigned char c, char **dst, char *end)
398{
399 char *out = *dst;
400
401 if (out < end)
402 *out = '\\';
403 ++out;
404 if (out < end)
405 *out = ((c >> 6) & 0x07) + '0';
406 ++out;
407 if (out < end)
408 *out = ((c >> 3) & 0x07) + '0';
409 ++out;
410 if (out < end)
411 *out = ((c >> 0) & 0x07) + '0';
412 ++out;
413
414 *dst = out;
415 return true;
416}
417
418static bool escape_hex(unsigned char c, char **dst, char *end)
419{
420 char *out = *dst;
421
422 if (out < end)
423 *out = '\\';
424 ++out;
425 if (out < end)
426 *out = 'x';
427 ++out;
428 if (out < end)
429 *out = hex_asc_hi(c);
430 ++out;
431 if (out < end)
432 *out = hex_asc_lo(c);
433 ++out;
434
435 *dst = out;
436 return true;
437}
438
439/**
440 * string_escape_mem - quote characters in the given memory buffer
441 * @src: source buffer (unescaped)
442 * @isz: source buffer size
443 * @dst: destination buffer (escaped)
444 * @osz: destination buffer size
445 * @flags: combination of the flags
446 * @only: NULL-terminated string containing characters used to limit
447 * the selected escape class. If characters are included in @only
448 * that would not normally be escaped by the classes selected
449 * in @flags, they will be copied to @dst unescaped.
450 *
451 * Description:
452 * The process of escaping byte buffer includes several parts. They are applied
453 * in the following sequence.
454 *
455 * 1. The character is matched to the printable class, if asked, and in
456 * case of match it passes through to the output.
457 * 2. The character is not matched to the one from @only string and thus
458 * must go as-is to the output.
459 * 3. The character is checked if it falls into the class given by @flags.
460 * %ESCAPE_OCTAL and %ESCAPE_HEX are going last since they cover any
461 * character. Note that they actually can't go together, otherwise
462 * %ESCAPE_HEX will be ignored.
463 *
464 * Caller must provide valid source and destination pointers. Be aware that
465 * destination buffer will not be NULL-terminated, thus caller have to append
466 * it if needs. The supported flags are::
467 *
468 * %ESCAPE_SPACE: (special white space, not space itself)
469 * '\f' - form feed
470 * '\n' - new line
471 * '\r' - carriage return
472 * '\t' - horizontal tab
473 * '\v' - vertical tab
474 * %ESCAPE_SPECIAL:
475 * '\\' - backslash
476 * '\a' - alert (BEL)
477 * '\e' - escape
478 * %ESCAPE_NULL:
479 * '\0' - null
480 * %ESCAPE_OCTAL:
481 * '\NNN' - byte with octal value NNN (3 digits)
482 * %ESCAPE_ANY:
483 * all previous together
484 * %ESCAPE_NP:
485 * escape only non-printable characters (checked by isprint)
486 * %ESCAPE_ANY_NP:
487 * all previous together
488 * %ESCAPE_HEX:
489 * '\xHH' - byte with hexadecimal value HH (2 digits)
490 *
491 * Return:
492 * The total size of the escaped output that would be generated for
493 * the given input and flags. To check whether the output was
494 * truncated, compare the return value to osz. There is room left in
495 * dst for a '\0' terminator if and only if ret < osz.
496 */
497int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz,
498 unsigned int flags, const char *only)
499{
500 char *p = dst;
501 char *end = p + osz;
502 bool is_dict = only && *only;
503
504 while (isz--) {
505 unsigned char c = *src++;
506
507 /*
508 * Apply rules in the following sequence:
509 * - the character is printable, when @flags has
510 * %ESCAPE_NP bit set
511 * - the @only string is supplied and does not contain a
512 * character under question
513 * - the character doesn't fall into a class of symbols
514 * defined by given @flags
515 * In these cases we just pass through a character to the
516 * output buffer.
517 */
518 if ((flags & ESCAPE_NP && isprint(c)) ||
519 (is_dict && !strchr(only, c))) {
520 /* do nothing */
521 } else {
522 if (flags & ESCAPE_SPACE && escape_space(c, &p, end))
523 continue;
524
525 if (flags & ESCAPE_SPECIAL && escape_special(c, &p, end))
526 continue;
527
528 if (flags & ESCAPE_NULL && escape_null(c, &p, end))
529 continue;
530
531 /* ESCAPE_OCTAL and ESCAPE_HEX always go last */
532 if (flags & ESCAPE_OCTAL && escape_octal(c, &p, end))
533 continue;
534
535 if (flags & ESCAPE_HEX && escape_hex(c, &p, end))
536 continue;
537 }
538
539 escape_passthrough(c, &p, end);
540 }
541
542 return p - dst;
543}
544EXPORT_SYMBOL(string_escape_mem);
545
546int string_escape_mem_ascii(const char *src, size_t isz, char *dst,
547 size_t osz)
548{
549 char *p = dst;
550 char *end = p + osz;
551
552 while (isz--) {
553 unsigned char c = *src++;
554
555 if (!isprint(c) || !isascii(c) || c == '"' || c == '\\')
556 escape_hex(c, &p, end);
557 else
558 escape_passthrough(c, &p, end);
559 }
560
561 return p - dst;
562}
563EXPORT_SYMBOL(string_escape_mem_ascii);
564
565/*
566 * Return an allocated string that has been escaped of special characters
567 * and double quotes, making it safe to log in quotes.
568 */
569char *kstrdup_quotable(const char *src, gfp_t gfp)
570{
571 size_t slen, dlen;
572 char *dst;
573 const int flags = ESCAPE_HEX;
574 const char esc[] = "\f\n\r\t\v\a\e\\\"";
575
576 if (!src)
577 return NULL;
578 slen = strlen(src);
579
580 dlen = string_escape_mem(src, slen, NULL, 0, flags, esc);
581 dst = kmalloc(dlen + 1, gfp);
582 if (!dst)
583 return NULL;
584
585 WARN_ON(string_escape_mem(src, slen, dst, dlen, flags, esc) != dlen);
586 dst[dlen] = '\0';
587
588 return dst;
589}
590EXPORT_SYMBOL_GPL(kstrdup_quotable);
591
592/*
593 * Returns allocated NULL-terminated string containing process
594 * command line, with inter-argument NULLs replaced with spaces,
595 * and other special characters escaped.
596 */
597char *kstrdup_quotable_cmdline(struct task_struct *task, gfp_t gfp)
598{
599 char *buffer, *quoted;
600 int i, res;
601
602 buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
603 if (!buffer)
604 return NULL;
605
606 res = get_cmdline(task, buffer, PAGE_SIZE - 1);
607 buffer[res] = '\0';
608
609 /* Collapse trailing NULLs, leave res pointing to last non-NULL. */
610 while (--res >= 0 && buffer[res] == '\0')
611 ;
612
613 /* Replace inter-argument NULLs. */
614 for (i = 0; i <= res; i++)
615 if (buffer[i] == '\0')
616 buffer[i] = ' ';
617
618 /* Make sure result is printable. */
619 quoted = kstrdup_quotable(buffer, gfp);
620 kfree(buffer);
621 return quoted;
622}
623EXPORT_SYMBOL_GPL(kstrdup_quotable_cmdline);
624
625/*
626 * Returns allocated NULL-terminated string containing pathname,
627 * with special characters escaped, able to be safely logged. If
628 * there is an error, the leading character will be "<".
629 */
630char *kstrdup_quotable_file(struct file *file, gfp_t gfp)
631{
632 char *temp, *pathname;
633
634 if (!file)
635 return kstrdup("<unknown>", gfp);
636
637 /* We add 11 spaces for ' (deleted)' to be appended */
638 temp = kmalloc(PATH_MAX + 11, GFP_KERNEL);
639 if (!temp)
640 return kstrdup("<no_memory>", gfp);
641
642 pathname = file_path(file, temp, PATH_MAX + 11);
643 if (IS_ERR(pathname))
644 pathname = kstrdup("<too_long>", gfp);
645 else
646 pathname = kstrdup_quotable(pathname, gfp);
647
648 kfree(temp);
649 return pathname;
650}
651EXPORT_SYMBOL_GPL(kstrdup_quotable_file);
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Helpers for formatting and printing strings
4 *
5 * Copyright 31 August 2008 James Bottomley
6 * Copyright (C) 2013, Intel Corporation
7 */
8#include <linux/bug.h>
9#include <linux/kernel.h>
10#include <linux/math64.h>
11#include <linux/export.h>
12#include <linux/ctype.h>
13#include <linux/device.h>
14#include <linux/errno.h>
15#include <linux/fs.h>
16#include <linux/limits.h>
17#include <linux/mm.h>
18#include <linux/slab.h>
19#include <linux/string.h>
20#include <linux/string_helpers.h>
21#include <kunit/test.h>
22#include <kunit/test-bug.h>
23
24/**
25 * string_get_size - get the size in the specified units
26 * @size: The size to be converted in blocks
27 * @blk_size: Size of the block (use 1 for size in bytes)
28 * @units: Units to use (powers of 1000 or 1024), whether to include space separator
29 * @buf: buffer to format to
30 * @len: length of buffer
31 *
32 * This function returns a string formatted to 3 significant figures
33 * giving the size in the required units. @buf should have room for
34 * at least 9 bytes and will always be zero terminated.
35 *
36 * Return value: number of characters of output that would have been written
37 * (which may be greater than len, if output was truncated).
38 */
39int string_get_size(u64 size, u64 blk_size, const enum string_size_units units,
40 char *buf, int len)
41{
42 enum string_size_units units_base = units & STRING_UNITS_MASK;
43 static const char *const units_10[] = {
44 "", "k", "M", "G", "T", "P", "E", "Z", "Y",
45 };
46 static const char *const units_2[] = {
47 "", "Ki", "Mi", "Gi", "Ti", "Pi", "Ei", "Zi", "Yi",
48 };
49 static const char *const *const units_str[] = {
50 [STRING_UNITS_10] = units_10,
51 [STRING_UNITS_2] = units_2,
52 };
53 static const unsigned int divisor[] = {
54 [STRING_UNITS_10] = 1000,
55 [STRING_UNITS_2] = 1024,
56 };
57 static const unsigned int rounding[] = { 500, 50, 5 };
58 int i = 0, j;
59 u32 remainder = 0, sf_cap;
60 char tmp[8];
61 const char *unit;
62
63 tmp[0] = '\0';
64
65 if (blk_size == 0)
66 size = 0;
67 if (size == 0)
68 goto out;
69
70 /* This is Napier's algorithm. Reduce the original block size to
71 *
72 * coefficient * divisor[units_base]^i
73 *
74 * we do the reduction so both coefficients are just under 32 bits so
75 * that multiplying them together won't overflow 64 bits and we keep
76 * as much precision as possible in the numbers.
77 *
78 * Note: it's safe to throw away the remainders here because all the
79 * precision is in the coefficients.
80 */
81 while (blk_size >> 32) {
82 do_div(blk_size, divisor[units_base]);
83 i++;
84 }
85
86 while (size >> 32) {
87 do_div(size, divisor[units_base]);
88 i++;
89 }
90
91 /* now perform the actual multiplication keeping i as the sum of the
92 * two logarithms */
93 size *= blk_size;
94
95 /* and logarithmically reduce it until it's just under the divisor */
96 while (size >= divisor[units_base]) {
97 remainder = do_div(size, divisor[units_base]);
98 i++;
99 }
100
101 /* work out in j how many digits of precision we need from the
102 * remainder */
103 sf_cap = size;
104 for (j = 0; sf_cap*10 < 1000; j++)
105 sf_cap *= 10;
106
107 if (units_base == STRING_UNITS_2) {
108 /* express the remainder as a decimal. It's currently the
109 * numerator of a fraction whose denominator is
110 * divisor[units_base], which is 1 << 10 for STRING_UNITS_2 */
111 remainder *= 1000;
112 remainder >>= 10;
113 }
114
115 /* add a 5 to the digit below what will be printed to ensure
116 * an arithmetical round up and carry it through to size */
117 remainder += rounding[j];
118 if (remainder >= 1000) {
119 remainder -= 1000;
120 size += 1;
121 }
122
123 if (j) {
124 snprintf(tmp, sizeof(tmp), ".%03u", remainder);
125 tmp[j+1] = '\0';
126 }
127
128 out:
129 if (i >= ARRAY_SIZE(units_2))
130 unit = "UNK";
131 else
132 unit = units_str[units_base][i];
133
134 return snprintf(buf, len, "%u%s%s%s%s", (u32)size, tmp,
135 (units & STRING_UNITS_NO_SPACE) ? "" : " ",
136 unit,
137 (units & STRING_UNITS_NO_BYTES) ? "" : "B");
138}
139EXPORT_SYMBOL(string_get_size);
140
141/**
142 * parse_int_array_user - Split string into a sequence of integers
143 * @from: The user space buffer to read from
144 * @count: The maximum number of bytes to read
145 * @array: Returned pointer to sequence of integers
146 *
147 * On success @array is allocated and initialized with a sequence of
148 * integers extracted from the @from plus an additional element that
149 * begins the sequence and specifies the integers count.
150 *
151 * Caller takes responsibility for freeing @array when it is no longer
152 * needed.
153 */
154int parse_int_array_user(const char __user *from, size_t count, int **array)
155{
156 int *ints, nints;
157 char *buf;
158 int ret = 0;
159
160 buf = memdup_user_nul(from, count);
161 if (IS_ERR(buf))
162 return PTR_ERR(buf);
163
164 get_options(buf, 0, &nints);
165 if (!nints) {
166 ret = -ENOENT;
167 goto free_buf;
168 }
169
170 ints = kcalloc(nints + 1, sizeof(*ints), GFP_KERNEL);
171 if (!ints) {
172 ret = -ENOMEM;
173 goto free_buf;
174 }
175
176 get_options(buf, nints + 1, ints);
177 *array = ints;
178
179free_buf:
180 kfree(buf);
181 return ret;
182}
183EXPORT_SYMBOL(parse_int_array_user);
184
185static bool unescape_space(char **src, char **dst)
186{
187 char *p = *dst, *q = *src;
188
189 switch (*q) {
190 case 'n':
191 *p = '\n';
192 break;
193 case 'r':
194 *p = '\r';
195 break;
196 case 't':
197 *p = '\t';
198 break;
199 case 'v':
200 *p = '\v';
201 break;
202 case 'f':
203 *p = '\f';
204 break;
205 default:
206 return false;
207 }
208 *dst += 1;
209 *src += 1;
210 return true;
211}
212
213static bool unescape_octal(char **src, char **dst)
214{
215 char *p = *dst, *q = *src;
216 u8 num;
217
218 if (isodigit(*q) == 0)
219 return false;
220
221 num = (*q++) & 7;
222 while (num < 32 && isodigit(*q) && (q - *src < 3)) {
223 num <<= 3;
224 num += (*q++) & 7;
225 }
226 *p = num;
227 *dst += 1;
228 *src = q;
229 return true;
230}
231
232static bool unescape_hex(char **src, char **dst)
233{
234 char *p = *dst, *q = *src;
235 int digit;
236 u8 num;
237
238 if (*q++ != 'x')
239 return false;
240
241 num = digit = hex_to_bin(*q++);
242 if (digit < 0)
243 return false;
244
245 digit = hex_to_bin(*q);
246 if (digit >= 0) {
247 q++;
248 num = (num << 4) | digit;
249 }
250 *p = num;
251 *dst += 1;
252 *src = q;
253 return true;
254}
255
256static bool unescape_special(char **src, char **dst)
257{
258 char *p = *dst, *q = *src;
259
260 switch (*q) {
261 case '\"':
262 *p = '\"';
263 break;
264 case '\\':
265 *p = '\\';
266 break;
267 case 'a':
268 *p = '\a';
269 break;
270 case 'e':
271 *p = '\e';
272 break;
273 default:
274 return false;
275 }
276 *dst += 1;
277 *src += 1;
278 return true;
279}
280
281/**
282 * string_unescape - unquote characters in the given string
283 * @src: source buffer (escaped)
284 * @dst: destination buffer (unescaped)
285 * @size: size of the destination buffer (0 to unlimit)
286 * @flags: combination of the flags.
287 *
288 * Description:
289 * The function unquotes characters in the given string.
290 *
291 * Because the size of the output will be the same as or less than the size of
292 * the input, the transformation may be performed in place.
293 *
294 * Caller must provide valid source and destination pointers. Be aware that
295 * destination buffer will always be NULL-terminated. Source string must be
296 * NULL-terminated as well. The supported flags are::
297 *
298 * UNESCAPE_SPACE:
299 * '\f' - form feed
300 * '\n' - new line
301 * '\r' - carriage return
302 * '\t' - horizontal tab
303 * '\v' - vertical tab
304 * UNESCAPE_OCTAL:
305 * '\NNN' - byte with octal value NNN (1 to 3 digits)
306 * UNESCAPE_HEX:
307 * '\xHH' - byte with hexadecimal value HH (1 to 2 digits)
308 * UNESCAPE_SPECIAL:
309 * '\"' - double quote
310 * '\\' - backslash
311 * '\a' - alert (BEL)
312 * '\e' - escape
313 * UNESCAPE_ANY:
314 * all previous together
315 *
316 * Return:
317 * The amount of the characters processed to the destination buffer excluding
318 * trailing '\0' is returned.
319 */
320int string_unescape(char *src, char *dst, size_t size, unsigned int flags)
321{
322 char *out = dst;
323
324 while (*src && --size) {
325 if (src[0] == '\\' && src[1] != '\0' && size > 1) {
326 src++;
327 size--;
328
329 if (flags & UNESCAPE_SPACE &&
330 unescape_space(&src, &out))
331 continue;
332
333 if (flags & UNESCAPE_OCTAL &&
334 unescape_octal(&src, &out))
335 continue;
336
337 if (flags & UNESCAPE_HEX &&
338 unescape_hex(&src, &out))
339 continue;
340
341 if (flags & UNESCAPE_SPECIAL &&
342 unescape_special(&src, &out))
343 continue;
344
345 *out++ = '\\';
346 }
347 *out++ = *src++;
348 }
349 *out = '\0';
350
351 return out - dst;
352}
353EXPORT_SYMBOL(string_unescape);
354
355static bool escape_passthrough(unsigned char c, char **dst, char *end)
356{
357 char *out = *dst;
358
359 if (out < end)
360 *out = c;
361 *dst = out + 1;
362 return true;
363}
364
365static bool escape_space(unsigned char c, char **dst, char *end)
366{
367 char *out = *dst;
368 unsigned char to;
369
370 switch (c) {
371 case '\n':
372 to = 'n';
373 break;
374 case '\r':
375 to = 'r';
376 break;
377 case '\t':
378 to = 't';
379 break;
380 case '\v':
381 to = 'v';
382 break;
383 case '\f':
384 to = 'f';
385 break;
386 default:
387 return false;
388 }
389
390 if (out < end)
391 *out = '\\';
392 ++out;
393 if (out < end)
394 *out = to;
395 ++out;
396
397 *dst = out;
398 return true;
399}
400
401static bool escape_special(unsigned char c, char **dst, char *end)
402{
403 char *out = *dst;
404 unsigned char to;
405
406 switch (c) {
407 case '\\':
408 to = '\\';
409 break;
410 case '\a':
411 to = 'a';
412 break;
413 case '\e':
414 to = 'e';
415 break;
416 case '"':
417 to = '"';
418 break;
419 default:
420 return false;
421 }
422
423 if (out < end)
424 *out = '\\';
425 ++out;
426 if (out < end)
427 *out = to;
428 ++out;
429
430 *dst = out;
431 return true;
432}
433
434static bool escape_null(unsigned char c, char **dst, char *end)
435{
436 char *out = *dst;
437
438 if (c)
439 return false;
440
441 if (out < end)
442 *out = '\\';
443 ++out;
444 if (out < end)
445 *out = '0';
446 ++out;
447
448 *dst = out;
449 return true;
450}
451
452static bool escape_octal(unsigned char c, char **dst, char *end)
453{
454 char *out = *dst;
455
456 if (out < end)
457 *out = '\\';
458 ++out;
459 if (out < end)
460 *out = ((c >> 6) & 0x07) + '0';
461 ++out;
462 if (out < end)
463 *out = ((c >> 3) & 0x07) + '0';
464 ++out;
465 if (out < end)
466 *out = ((c >> 0) & 0x07) + '0';
467 ++out;
468
469 *dst = out;
470 return true;
471}
472
473static bool escape_hex(unsigned char c, char **dst, char *end)
474{
475 char *out = *dst;
476
477 if (out < end)
478 *out = '\\';
479 ++out;
480 if (out < end)
481 *out = 'x';
482 ++out;
483 if (out < end)
484 *out = hex_asc_hi(c);
485 ++out;
486 if (out < end)
487 *out = hex_asc_lo(c);
488 ++out;
489
490 *dst = out;
491 return true;
492}
493
494/**
495 * string_escape_mem - quote characters in the given memory buffer
496 * @src: source buffer (unescaped)
497 * @isz: source buffer size
498 * @dst: destination buffer (escaped)
499 * @osz: destination buffer size
500 * @flags: combination of the flags
501 * @only: NULL-terminated string containing characters used to limit
502 * the selected escape class. If characters are included in @only
503 * that would not normally be escaped by the classes selected
504 * in @flags, they will be copied to @dst unescaped.
505 *
506 * Description:
507 * The process of escaping byte buffer includes several parts. They are applied
508 * in the following sequence.
509 *
510 * 1. The character is not matched to the one from @only string and thus
511 * must go as-is to the output.
512 * 2. The character is matched to the printable and ASCII classes, if asked,
513 * and in case of match it passes through to the output.
514 * 3. The character is matched to the printable or ASCII class, if asked,
515 * and in case of match it passes through to the output.
516 * 4. The character is checked if it falls into the class given by @flags.
517 * %ESCAPE_OCTAL and %ESCAPE_HEX are going last since they cover any
518 * character. Note that they actually can't go together, otherwise
519 * %ESCAPE_HEX will be ignored.
520 *
521 * Caller must provide valid source and destination pointers. Be aware that
522 * destination buffer will not be NULL-terminated, thus caller have to append
523 * it if needs. The supported flags are::
524 *
525 * %ESCAPE_SPACE: (special white space, not space itself)
526 * '\f' - form feed
527 * '\n' - new line
528 * '\r' - carriage return
529 * '\t' - horizontal tab
530 * '\v' - vertical tab
531 * %ESCAPE_SPECIAL:
532 * '\"' - double quote
533 * '\\' - backslash
534 * '\a' - alert (BEL)
535 * '\e' - escape
536 * %ESCAPE_NULL:
537 * '\0' - null
538 * %ESCAPE_OCTAL:
539 * '\NNN' - byte with octal value NNN (3 digits)
540 * %ESCAPE_ANY:
541 * all previous together
542 * %ESCAPE_NP:
543 * escape only non-printable characters, checked by isprint()
544 * %ESCAPE_ANY_NP:
545 * all previous together
546 * %ESCAPE_HEX:
547 * '\xHH' - byte with hexadecimal value HH (2 digits)
548 * %ESCAPE_NA:
549 * escape only non-ascii characters, checked by isascii()
550 * %ESCAPE_NAP:
551 * escape only non-printable or non-ascii characters
552 * %ESCAPE_APPEND:
553 * append characters from @only to be escaped by the given classes
554 *
555 * %ESCAPE_APPEND would help to pass additional characters to the escaped, when
556 * one of %ESCAPE_NP, %ESCAPE_NA, or %ESCAPE_NAP is provided.
557 *
558 * One notable caveat, the %ESCAPE_NAP, %ESCAPE_NP and %ESCAPE_NA have the
559 * higher priority than the rest of the flags (%ESCAPE_NAP is the highest).
560 * It doesn't make much sense to use either of them without %ESCAPE_OCTAL
561 * or %ESCAPE_HEX, because they cover most of the other character classes.
562 * %ESCAPE_NAP can utilize %ESCAPE_SPACE or %ESCAPE_SPECIAL in addition to
563 * the above.
564 *
565 * Return:
566 * The total size of the escaped output that would be generated for
567 * the given input and flags. To check whether the output was
568 * truncated, compare the return value to osz. There is room left in
569 * dst for a '\0' terminator if and only if ret < osz.
570 */
571int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz,
572 unsigned int flags, const char *only)
573{
574 char *p = dst;
575 char *end = p + osz;
576 bool is_dict = only && *only;
577 bool is_append = flags & ESCAPE_APPEND;
578
579 while (isz--) {
580 unsigned char c = *src++;
581 bool in_dict = is_dict && strchr(only, c);
582
583 /*
584 * Apply rules in the following sequence:
585 * - the @only string is supplied and does not contain a
586 * character under question
587 * - the character is printable and ASCII, when @flags has
588 * %ESCAPE_NAP bit set
589 * - the character is printable, when @flags has
590 * %ESCAPE_NP bit set
591 * - the character is ASCII, when @flags has
592 * %ESCAPE_NA bit set
593 * - the character doesn't fall into a class of symbols
594 * defined by given @flags
595 * In these cases we just pass through a character to the
596 * output buffer.
597 *
598 * When %ESCAPE_APPEND is passed, the characters from @only
599 * have been excluded from the %ESCAPE_NAP, %ESCAPE_NP, and
600 * %ESCAPE_NA cases.
601 */
602 if (!(is_append || in_dict) && is_dict &&
603 escape_passthrough(c, &p, end))
604 continue;
605
606 if (!(is_append && in_dict) && isascii(c) && isprint(c) &&
607 flags & ESCAPE_NAP && escape_passthrough(c, &p, end))
608 continue;
609
610 if (!(is_append && in_dict) && isprint(c) &&
611 flags & ESCAPE_NP && escape_passthrough(c, &p, end))
612 continue;
613
614 if (!(is_append && in_dict) && isascii(c) &&
615 flags & ESCAPE_NA && escape_passthrough(c, &p, end))
616 continue;
617
618 if (flags & ESCAPE_SPACE && escape_space(c, &p, end))
619 continue;
620
621 if (flags & ESCAPE_SPECIAL && escape_special(c, &p, end))
622 continue;
623
624 if (flags & ESCAPE_NULL && escape_null(c, &p, end))
625 continue;
626
627 /* ESCAPE_OCTAL and ESCAPE_HEX always go last */
628 if (flags & ESCAPE_OCTAL && escape_octal(c, &p, end))
629 continue;
630
631 if (flags & ESCAPE_HEX && escape_hex(c, &p, end))
632 continue;
633
634 escape_passthrough(c, &p, end);
635 }
636
637 return p - dst;
638}
639EXPORT_SYMBOL(string_escape_mem);
640
641/*
642 * Return an allocated string that has been escaped of special characters
643 * and double quotes, making it safe to log in quotes.
644 */
645char *kstrdup_quotable(const char *src, gfp_t gfp)
646{
647 size_t slen, dlen;
648 char *dst;
649 const int flags = ESCAPE_HEX;
650 const char esc[] = "\f\n\r\t\v\a\e\\\"";
651
652 if (!src)
653 return NULL;
654 slen = strlen(src);
655
656 dlen = string_escape_mem(src, slen, NULL, 0, flags, esc);
657 dst = kmalloc(dlen + 1, gfp);
658 if (!dst)
659 return NULL;
660
661 WARN_ON(string_escape_mem(src, slen, dst, dlen, flags, esc) != dlen);
662 dst[dlen] = '\0';
663
664 return dst;
665}
666EXPORT_SYMBOL_GPL(kstrdup_quotable);
667
668/*
669 * Returns allocated NULL-terminated string containing process
670 * command line, with inter-argument NULLs replaced with spaces,
671 * and other special characters escaped.
672 */
673char *kstrdup_quotable_cmdline(struct task_struct *task, gfp_t gfp)
674{
675 char *buffer, *quoted;
676 int i, res;
677
678 buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
679 if (!buffer)
680 return NULL;
681
682 res = get_cmdline(task, buffer, PAGE_SIZE - 1);
683 buffer[res] = '\0';
684
685 /* Collapse trailing NULLs, leave res pointing to last non-NULL. */
686 while (--res >= 0 && buffer[res] == '\0')
687 ;
688
689 /* Replace inter-argument NULLs. */
690 for (i = 0; i <= res; i++)
691 if (buffer[i] == '\0')
692 buffer[i] = ' ';
693
694 /* Make sure result is printable. */
695 quoted = kstrdup_quotable(buffer, gfp);
696 kfree(buffer);
697 return quoted;
698}
699EXPORT_SYMBOL_GPL(kstrdup_quotable_cmdline);
700
701/*
702 * Returns allocated NULL-terminated string containing pathname,
703 * with special characters escaped, able to be safely logged. If
704 * there is an error, the leading character will be "<".
705 */
706char *kstrdup_quotable_file(struct file *file, gfp_t gfp)
707{
708 char *temp, *pathname;
709
710 if (!file)
711 return kstrdup("<unknown>", gfp);
712
713 /* We add 11 spaces for ' (deleted)' to be appended */
714 temp = kmalloc(PATH_MAX + 11, GFP_KERNEL);
715 if (!temp)
716 return kstrdup("<no_memory>", gfp);
717
718 pathname = file_path(file, temp, PATH_MAX + 11);
719 if (IS_ERR(pathname))
720 pathname = kstrdup("<too_long>", gfp);
721 else
722 pathname = kstrdup_quotable(pathname, gfp);
723
724 kfree(temp);
725 return pathname;
726}
727EXPORT_SYMBOL_GPL(kstrdup_quotable_file);
728
729/*
730 * Returns duplicate string in which the @old characters are replaced by @new.
731 */
732char *kstrdup_and_replace(const char *src, char old, char new, gfp_t gfp)
733{
734 char *dst;
735
736 dst = kstrdup(src, gfp);
737 if (!dst)
738 return NULL;
739
740 return strreplace(dst, old, new);
741}
742EXPORT_SYMBOL_GPL(kstrdup_and_replace);
743
744/**
745 * kasprintf_strarray - allocate and fill array of sequential strings
746 * @gfp: flags for the slab allocator
747 * @prefix: prefix to be used
748 * @n: amount of lines to be allocated and filled
749 *
750 * Allocates and fills @n strings using pattern "%s-%zu", where prefix
751 * is provided by caller. The caller is responsible to free them with
752 * kfree_strarray() after use.
753 *
754 * Returns array of strings or NULL when memory can't be allocated.
755 */
756char **kasprintf_strarray(gfp_t gfp, const char *prefix, size_t n)
757{
758 char **names;
759 size_t i;
760
761 names = kcalloc(n + 1, sizeof(char *), gfp);
762 if (!names)
763 return NULL;
764
765 for (i = 0; i < n; i++) {
766 names[i] = kasprintf(gfp, "%s-%zu", prefix, i);
767 if (!names[i]) {
768 kfree_strarray(names, i);
769 return NULL;
770 }
771 }
772
773 return names;
774}
775EXPORT_SYMBOL_GPL(kasprintf_strarray);
776
777/**
778 * kfree_strarray - free a number of dynamically allocated strings contained
779 * in an array and the array itself
780 *
781 * @array: Dynamically allocated array of strings to free.
782 * @n: Number of strings (starting from the beginning of the array) to free.
783 *
784 * Passing a non-NULL @array and @n == 0 as well as NULL @array are valid
785 * use-cases. If @array is NULL, the function does nothing.
786 */
787void kfree_strarray(char **array, size_t n)
788{
789 unsigned int i;
790
791 if (!array)
792 return;
793
794 for (i = 0; i < n; i++)
795 kfree(array[i]);
796 kfree(array);
797}
798EXPORT_SYMBOL_GPL(kfree_strarray);
799
800struct strarray {
801 char **array;
802 size_t n;
803};
804
805static void devm_kfree_strarray(struct device *dev, void *res)
806{
807 struct strarray *array = res;
808
809 kfree_strarray(array->array, array->n);
810}
811
812char **devm_kasprintf_strarray(struct device *dev, const char *prefix, size_t n)
813{
814 struct strarray *ptr;
815
816 ptr = devres_alloc(devm_kfree_strarray, sizeof(*ptr), GFP_KERNEL);
817 if (!ptr)
818 return ERR_PTR(-ENOMEM);
819
820 ptr->array = kasprintf_strarray(GFP_KERNEL, prefix, n);
821 if (!ptr->array) {
822 devres_free(ptr);
823 return ERR_PTR(-ENOMEM);
824 }
825
826 ptr->n = n;
827 devres_add(dev, ptr);
828
829 return ptr->array;
830}
831EXPORT_SYMBOL_GPL(devm_kasprintf_strarray);
832
833/**
834 * skip_spaces - Removes leading whitespace from @str.
835 * @str: The string to be stripped.
836 *
837 * Returns a pointer to the first non-whitespace character in @str.
838 */
839char *skip_spaces(const char *str)
840{
841 while (isspace(*str))
842 ++str;
843 return (char *)str;
844}
845EXPORT_SYMBOL(skip_spaces);
846
847/**
848 * strim - Removes leading and trailing whitespace from @s.
849 * @s: The string to be stripped.
850 *
851 * Note that the first trailing whitespace is replaced with a %NUL-terminator
852 * in the given string @s. Returns a pointer to the first non-whitespace
853 * character in @s.
854 */
855char *strim(char *s)
856{
857 size_t size;
858 char *end;
859
860 size = strlen(s);
861 if (!size)
862 return s;
863
864 end = s + size - 1;
865 while (end >= s && isspace(*end))
866 end--;
867 *(end + 1) = '\0';
868
869 return skip_spaces(s);
870}
871EXPORT_SYMBOL(strim);
872
873/**
874 * sysfs_streq - return true if strings are equal, modulo trailing newline
875 * @s1: one string
876 * @s2: another string
877 *
878 * This routine returns true iff two strings are equal, treating both
879 * NUL and newline-then-NUL as equivalent string terminations. It's
880 * geared for use with sysfs input strings, which generally terminate
881 * with newlines but are compared against values without newlines.
882 */
883bool sysfs_streq(const char *s1, const char *s2)
884{
885 while (*s1 && *s1 == *s2) {
886 s1++;
887 s2++;
888 }
889
890 if (*s1 == *s2)
891 return true;
892 if (!*s1 && *s2 == '\n' && !s2[1])
893 return true;
894 if (*s1 == '\n' && !s1[1] && !*s2)
895 return true;
896 return false;
897}
898EXPORT_SYMBOL(sysfs_streq);
899
900/**
901 * match_string - matches given string in an array
902 * @array: array of strings
903 * @n: number of strings in the array or -1 for NULL terminated arrays
904 * @string: string to match with
905 *
906 * This routine will look for a string in an array of strings up to the
907 * n-th element in the array or until the first NULL element.
908 *
909 * Historically the value of -1 for @n, was used to search in arrays that
910 * are NULL terminated. However, the function does not make a distinction
911 * when finishing the search: either @n elements have been compared OR
912 * the first NULL element was found.
913 *
914 * Return:
915 * index of a @string in the @array if matches, or %-EINVAL otherwise.
916 */
917int match_string(const char * const *array, size_t n, const char *string)
918{
919 int index;
920 const char *item;
921
922 for (index = 0; index < n; index++) {
923 item = array[index];
924 if (!item)
925 break;
926 if (!strcmp(item, string))
927 return index;
928 }
929
930 return -EINVAL;
931}
932EXPORT_SYMBOL(match_string);
933
934/**
935 * __sysfs_match_string - matches given string in an array
936 * @array: array of strings
937 * @n: number of strings in the array or -1 for NULL terminated arrays
938 * @str: string to match with
939 *
940 * Returns index of @str in the @array or -EINVAL, just like match_string().
941 * Uses sysfs_streq instead of strcmp for matching.
942 *
943 * This routine will look for a string in an array of strings up to the
944 * n-th element in the array or until the first NULL element.
945 *
946 * Historically the value of -1 for @n, was used to search in arrays that
947 * are NULL terminated. However, the function does not make a distinction
948 * when finishing the search: either @n elements have been compared OR
949 * the first NULL element was found.
950 */
951int __sysfs_match_string(const char * const *array, size_t n, const char *str)
952{
953 const char *item;
954 int index;
955
956 for (index = 0; index < n; index++) {
957 item = array[index];
958 if (!item)
959 break;
960 if (sysfs_streq(item, str))
961 return index;
962 }
963
964 return -EINVAL;
965}
966EXPORT_SYMBOL(__sysfs_match_string);
967
968/**
969 * strreplace - Replace all occurrences of character in string.
970 * @str: The string to operate on.
971 * @old: The character being replaced.
972 * @new: The character @old is replaced with.
973 *
974 * Replaces the each @old character with a @new one in the given string @str.
975 *
976 * Return: pointer to the string @str itself.
977 */
978char *strreplace(char *str, char old, char new)
979{
980 char *s = str;
981
982 for (; *s; ++s)
983 if (*s == old)
984 *s = new;
985 return str;
986}
987EXPORT_SYMBOL(strreplace);
988
989/**
990 * memcpy_and_pad - Copy one buffer to another with padding
991 * @dest: Where to copy to
992 * @dest_len: The destination buffer size
993 * @src: Where to copy from
994 * @count: The number of bytes to copy
995 * @pad: Character to use for padding if space is left in destination.
996 */
997void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count,
998 int pad)
999{
1000 if (dest_len > count) {
1001 memcpy(dest, src, count);
1002 memset(dest + count, pad, dest_len - count);
1003 } else {
1004 memcpy(dest, src, dest_len);
1005 }
1006}
1007EXPORT_SYMBOL(memcpy_and_pad);
1008
1009#ifdef CONFIG_FORTIFY_SOURCE
1010/* These are placeholders for fortify compile-time warnings. */
1011void __read_overflow2_field(size_t avail, size_t wanted) { }
1012EXPORT_SYMBOL(__read_overflow2_field);
1013void __write_overflow_field(size_t avail, size_t wanted) { }
1014EXPORT_SYMBOL(__write_overflow_field);
1015
1016static const char * const fortify_func_name[] = {
1017#define MAKE_FORTIFY_FUNC_NAME(func) [MAKE_FORTIFY_FUNC(func)] = #func
1018 EACH_FORTIFY_FUNC(MAKE_FORTIFY_FUNC_NAME)
1019#undef MAKE_FORTIFY_FUNC_NAME
1020};
1021
1022void __fortify_report(const u8 reason, const size_t avail, const size_t size)
1023{
1024 const u8 func = FORTIFY_REASON_FUNC(reason);
1025 const bool write = FORTIFY_REASON_DIR(reason);
1026 const char *name;
1027
1028 name = fortify_func_name[umin(func, FORTIFY_FUNC_UNKNOWN)];
1029 WARN(1, "%s: detected buffer overflow: %zu byte %s of buffer size %zu\n",
1030 name, size, str_read_write(!write), avail);
1031}
1032EXPORT_SYMBOL(__fortify_report);
1033
1034void __fortify_panic(const u8 reason, const size_t avail, const size_t size)
1035{
1036 __fortify_report(reason, avail, size);
1037 BUG();
1038}
1039EXPORT_SYMBOL(__fortify_panic);
1040#endif /* CONFIG_FORTIFY_SOURCE */