Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * include/asm-s390/uaccess.h | |
3 | * | |
4 | * S390 version | |
5 | * Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation | |
6 | * Author(s): Hartmut Penner (hp@de.ibm.com), | |
7 | * Martin Schwidefsky (schwidefsky@de.ibm.com) | |
8 | * | |
9 | * Derived from "include/asm-i386/uaccess.h" | |
10 | */ | |
11 | #ifndef __S390_UACCESS_H | |
12 | #define __S390_UACCESS_H | |
13 | ||
14 | /* | |
15 | * User space memory access functions | |
16 | */ | |
17 | #include <linux/sched.h> | |
18 | #include <linux/errno.h> | |
19 | ||
20 | #define VERIFY_READ 0 | |
21 | #define VERIFY_WRITE 1 | |
22 | ||
23 | ||
24 | /* | |
25 | * The fs value determines whether argument validity checking should be | |
26 | * performed or not. If get_fs() == USER_DS, checking is performed, with | |
27 | * get_fs() == KERNEL_DS, checking is bypassed. | |
28 | * | |
29 | * For historical reasons, these macros are grossly misnamed. | |
30 | */ | |
31 | ||
32 | #define MAKE_MM_SEG(a) ((mm_segment_t) { (a) }) | |
33 | ||
34 | ||
35 | #define KERNEL_DS MAKE_MM_SEG(0) | |
36 | #define USER_DS MAKE_MM_SEG(1) | |
37 | ||
38 | #define get_ds() (KERNEL_DS) | |
39 | #define get_fs() (current->thread.mm_segment) | |
40 | ||
1da177e4 LT |
41 | #define set_fs(x) \ |
42 | ({ \ | |
43 | unsigned long __pto; \ | |
44 | current->thread.mm_segment = (x); \ | |
45 | __pto = current->thread.mm_segment.ar4 ? \ | |
46 | S390_lowcore.user_asce : S390_lowcore.kernel_asce; \ | |
94c12cc7 | 47 | __ctl_load(__pto, 7, 7); \ |
1da177e4 | 48 | }) |
1da177e4 LT |
49 | |
50 | #define segment_eq(a,b) ((a).ar4 == (b).ar4) | |
51 | ||
52 | ||
793af244 | 53 | static inline int __access_ok(const void __user *addr, unsigned long size) |
a63a4931 MS |
54 | { |
55 | return 1; | |
56 | } | |
1da177e4 LT |
57 | #define access_ok(type,addr,size) __access_ok(addr,size) |
58 | ||
1da177e4 LT |
59 | /* |
60 | * The exception table consists of pairs of addresses: the first is the | |
61 | * address of an instruction that is allowed to fault, and the second is | |
62 | * the address at which the program should continue. No registers are | |
63 | * modified, so it is entirely up to the continuation code to figure out | |
64 | * what to do. | |
65 | * | |
66 | * All the routines below use bits of fixup code that are out of line | |
67 | * with the main instruction path. This means when everything is well, | |
68 | * we don't even have to jump over them. Further, they do not intrude | |
69 | * on our cache or tlb entries. | |
70 | */ | |
71 | ||
72 | struct exception_table_entry | |
73 | { | |
74 | unsigned long insn, fixup; | |
75 | }; | |
76 | ||
d02765d1 GS |
77 | struct uaccess_ops { |
78 | size_t (*copy_from_user)(size_t, const void __user *, void *); | |
79 | size_t (*copy_from_user_small)(size_t, const void __user *, void *); | |
80 | size_t (*copy_to_user)(size_t, void __user *, const void *); | |
81 | size_t (*copy_to_user_small)(size_t, void __user *, const void *); | |
82 | size_t (*copy_in_user)(size_t, void __user *, const void __user *); | |
83 | size_t (*clear_user)(size_t, void __user *); | |
84 | size_t (*strnlen_user)(size_t, const char __user *); | |
85 | size_t (*strncpy_from_user)(size_t, const char __user *, char *); | |
86 | int (*futex_atomic_op)(int op, int __user *, int oparg, int *old); | |
87 | int (*futex_atomic_cmpxchg)(int __user *, int old, int new); | |
88 | }; | |
89 | ||
90 | extern struct uaccess_ops uaccess; | |
91 | extern struct uaccess_ops uaccess_std; | |
6c2a9e6d | 92 | extern struct uaccess_ops uaccess_mvcos; |
c1821c2e GS |
93 | extern struct uaccess_ops uaccess_mvcos_switch; |
94 | extern struct uaccess_ops uaccess_pt; | |
d02765d1 | 95 | |
6c1e3e79 GS |
96 | extern int __handle_fault(unsigned long, unsigned long, int); |
97 | ||
d02765d1 GS |
98 | static inline int __put_user_fn(size_t size, void __user *ptr, void *x) |
99 | { | |
100 | size = uaccess.copy_to_user_small(size, ptr, x); | |
101 | return size ? -EFAULT : size; | |
102 | } | |
103 | ||
104 | static inline int __get_user_fn(size_t size, const void __user *ptr, void *x) | |
105 | { | |
106 | size = uaccess.copy_from_user_small(size, ptr, x); | |
107 | return size ? -EFAULT : size; | |
108 | } | |
1da177e4 LT |
109 | |
110 | /* | |
111 | * These are the main single-value transfer routines. They automatically | |
112 | * use the right size if we just have the right pointer type. | |
113 | */ | |
1da177e4 LT |
114 | #define __put_user(x, ptr) \ |
115 | ({ \ | |
116 | __typeof__(*(ptr)) __x = (x); \ | |
d02765d1 | 117 | int __pu_err = -EFAULT; \ |
17566c3c | 118 | __chk_user_ptr(ptr); \ |
1da177e4 LT |
119 | switch (sizeof (*(ptr))) { \ |
120 | case 1: \ | |
121 | case 2: \ | |
122 | case 4: \ | |
123 | case 8: \ | |
d02765d1 GS |
124 | __pu_err = __put_user_fn(sizeof (*(ptr)), \ |
125 | ptr, &__x); \ | |
1da177e4 LT |
126 | break; \ |
127 | default: \ | |
128 | __put_user_bad(); \ | |
129 | break; \ | |
130 | } \ | |
131 | __pu_err; \ | |
132 | }) | |
1da177e4 LT |
133 | |
134 | #define put_user(x, ptr) \ | |
135 | ({ \ | |
dab4079d | 136 | might_fault(); \ |
1da177e4 LT |
137 | __put_user(x, ptr); \ |
138 | }) | |
139 | ||
140 | ||
141 | extern int __put_user_bad(void) __attribute__((noreturn)); | |
142 | ||
1da177e4 LT |
143 | #define __get_user(x, ptr) \ |
144 | ({ \ | |
d02765d1 GS |
145 | int __gu_err = -EFAULT; \ |
146 | __chk_user_ptr(ptr); \ | |
1da177e4 | 147 | switch (sizeof(*(ptr))) { \ |
1047aa77 MS |
148 | case 1: { \ |
149 | unsigned char __x; \ | |
d02765d1 GS |
150 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
151 | ptr, &__x); \ | |
97fa5a66 | 152 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
153 | break; \ |
154 | }; \ | |
155 | case 2: { \ | |
156 | unsigned short __x; \ | |
d02765d1 GS |
157 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
158 | ptr, &__x); \ | |
97fa5a66 | 159 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
160 | break; \ |
161 | }; \ | |
162 | case 4: { \ | |
163 | unsigned int __x; \ | |
d02765d1 GS |
164 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
165 | ptr, &__x); \ | |
97fa5a66 | 166 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
167 | break; \ |
168 | }; \ | |
169 | case 8: { \ | |
170 | unsigned long long __x; \ | |
d02765d1 GS |
171 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
172 | ptr, &__x); \ | |
97fa5a66 | 173 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1da177e4 | 174 | break; \ |
1047aa77 | 175 | }; \ |
1da177e4 LT |
176 | default: \ |
177 | __get_user_bad(); \ | |
178 | break; \ | |
179 | } \ | |
1da177e4 LT |
180 | __gu_err; \ |
181 | }) | |
1da177e4 LT |
182 | |
183 | #define get_user(x, ptr) \ | |
184 | ({ \ | |
dab4079d | 185 | might_fault(); \ |
1da177e4 LT |
186 | __get_user(x, ptr); \ |
187 | }) | |
188 | ||
189 | extern int __get_user_bad(void) __attribute__((noreturn)); | |
190 | ||
191 | #define __put_user_unaligned __put_user | |
192 | #define __get_user_unaligned __get_user | |
193 | ||
1da177e4 LT |
194 | /** |
195 | * __copy_to_user: - Copy a block of data into user space, with less checking. | |
196 | * @to: Destination address, in user space. | |
197 | * @from: Source address, in kernel space. | |
198 | * @n: Number of bytes to copy. | |
199 | * | |
200 | * Context: User context only. This function may sleep. | |
201 | * | |
202 | * Copy data from kernel space to user space. Caller must check | |
203 | * the specified block with access_ok() before calling this function. | |
204 | * | |
205 | * Returns number of bytes that could not be copied. | |
206 | * On success, this will be zero. | |
207 | */ | |
f7675ad7 | 208 | static inline unsigned long __must_check |
1da177e4 LT |
209 | __copy_to_user(void __user *to, const void *from, unsigned long n) |
210 | { | |
d02765d1 GS |
211 | if (__builtin_constant_p(n) && (n <= 256)) |
212 | return uaccess.copy_to_user_small(n, to, from); | |
213 | else | |
214 | return uaccess.copy_to_user(n, to, from); | |
1da177e4 LT |
215 | } |
216 | ||
217 | #define __copy_to_user_inatomic __copy_to_user | |
218 | #define __copy_from_user_inatomic __copy_from_user | |
219 | ||
220 | /** | |
221 | * copy_to_user: - Copy a block of data into user space. | |
222 | * @to: Destination address, in user space. | |
223 | * @from: Source address, in kernel space. | |
224 | * @n: Number of bytes to copy. | |
225 | * | |
226 | * Context: User context only. This function may sleep. | |
227 | * | |
228 | * Copy data from kernel space to user space. | |
229 | * | |
230 | * Returns number of bytes that could not be copied. | |
231 | * On success, this will be zero. | |
232 | */ | |
f7675ad7 | 233 | static inline unsigned long __must_check |
1da177e4 LT |
234 | copy_to_user(void __user *to, const void *from, unsigned long n) |
235 | { | |
dab4079d | 236 | might_fault(); |
1da177e4 LT |
237 | if (access_ok(VERIFY_WRITE, to, n)) |
238 | n = __copy_to_user(to, from, n); | |
239 | return n; | |
240 | } | |
241 | ||
1da177e4 LT |
242 | /** |
243 | * __copy_from_user: - Copy a block of data from user space, with less checking. | |
244 | * @to: Destination address, in kernel space. | |
245 | * @from: Source address, in user space. | |
246 | * @n: Number of bytes to copy. | |
247 | * | |
248 | * Context: User context only. This function may sleep. | |
249 | * | |
250 | * Copy data from user space to kernel space. Caller must check | |
251 | * the specified block with access_ok() before calling this function. | |
252 | * | |
253 | * Returns number of bytes that could not be copied. | |
254 | * On success, this will be zero. | |
255 | * | |
256 | * If some data could not be copied, this function will pad the copied | |
257 | * data to the requested size using zero bytes. | |
258 | */ | |
f7675ad7 | 259 | static inline unsigned long __must_check |
1da177e4 LT |
260 | __copy_from_user(void *to, const void __user *from, unsigned long n) |
261 | { | |
d02765d1 GS |
262 | if (__builtin_constant_p(n) && (n <= 256)) |
263 | return uaccess.copy_from_user_small(n, from, to); | |
264 | else | |
265 | return uaccess.copy_from_user(n, from, to); | |
1da177e4 LT |
266 | } |
267 | ||
1dcec254 HC |
268 | extern void copy_from_user_overflow(void) |
269 | #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS | |
270 | __compiletime_warning("copy_from_user() buffer size is not provably correct") | |
271 | #endif | |
272 | ; | |
273 | ||
1da177e4 LT |
274 | /** |
275 | * copy_from_user: - Copy a block of data from user space. | |
276 | * @to: Destination address, in kernel space. | |
277 | * @from: Source address, in user space. | |
278 | * @n: Number of bytes to copy. | |
279 | * | |
280 | * Context: User context only. This function may sleep. | |
281 | * | |
282 | * Copy data from user space to kernel space. | |
283 | * | |
284 | * Returns number of bytes that could not be copied. | |
285 | * On success, this will be zero. | |
286 | * | |
287 | * If some data could not be copied, this function will pad the copied | |
288 | * data to the requested size using zero bytes. | |
289 | */ | |
f7675ad7 | 290 | static inline unsigned long __must_check |
1da177e4 LT |
291 | copy_from_user(void *to, const void __user *from, unsigned long n) |
292 | { | |
1dcec254 HC |
293 | unsigned int sz = __compiletime_object_size(to); |
294 | ||
dab4079d | 295 | might_fault(); |
1dcec254 HC |
296 | if (unlikely(sz != -1 && sz < n)) { |
297 | copy_from_user_overflow(); | |
298 | return n; | |
299 | } | |
1da177e4 LT |
300 | if (access_ok(VERIFY_READ, from, n)) |
301 | n = __copy_from_user(to, from, n); | |
302 | else | |
303 | memset(to, 0, n); | |
304 | return n; | |
305 | } | |
306 | ||
f7675ad7 | 307 | static inline unsigned long __must_check |
1da177e4 LT |
308 | __copy_in_user(void __user *to, const void __user *from, unsigned long n) |
309 | { | |
d02765d1 | 310 | return uaccess.copy_in_user(n, to, from); |
1da177e4 LT |
311 | } |
312 | ||
f7675ad7 | 313 | static inline unsigned long __must_check |
1da177e4 LT |
314 | copy_in_user(void __user *to, const void __user *from, unsigned long n) |
315 | { | |
dab4079d | 316 | might_fault(); |
1da177e4 | 317 | if (__access_ok(from,n) && __access_ok(to,n)) |
d02765d1 | 318 | n = __copy_in_user(to, from, n); |
1da177e4 LT |
319 | return n; |
320 | } | |
321 | ||
322 | /* | |
323 | * Copy a null terminated string from userspace. | |
324 | */ | |
f7675ad7 | 325 | static inline long __must_check |
1da177e4 LT |
326 | strncpy_from_user(char *dst, const char __user *src, long count) |
327 | { | |
328 | long res = -EFAULT; | |
dab4079d | 329 | might_fault(); |
1da177e4 | 330 | if (access_ok(VERIFY_READ, src, 1)) |
d02765d1 | 331 | res = uaccess.strncpy_from_user(count, src, dst); |
1da177e4 LT |
332 | return res; |
333 | } | |
334 | ||
1da177e4 LT |
335 | static inline unsigned long |
336 | strnlen_user(const char __user * src, unsigned long n) | |
337 | { | |
dab4079d | 338 | might_fault(); |
d02765d1 | 339 | return uaccess.strnlen_user(n, src); |
1da177e4 LT |
340 | } |
341 | ||
342 | /** | |
343 | * strlen_user: - Get the size of a string in user space. | |
344 | * @str: The string to measure. | |
345 | * | |
346 | * Context: User context only. This function may sleep. | |
347 | * | |
348 | * Get the size of a NUL-terminated string in user space. | |
349 | * | |
350 | * Returns the size of the string INCLUDING the terminating NUL. | |
351 | * On exception, returns 0. | |
352 | * | |
353 | * If there is a limit on the length of a valid string, you may wish to | |
354 | * consider using strnlen_user() instead. | |
355 | */ | |
356 | #define strlen_user(str) strnlen_user(str, ~0UL) | |
357 | ||
358 | /* | |
359 | * Zero Userspace | |
360 | */ | |
361 | ||
f7675ad7 | 362 | static inline unsigned long __must_check |
1da177e4 LT |
363 | __clear_user(void __user *to, unsigned long n) |
364 | { | |
d02765d1 | 365 | return uaccess.clear_user(n, to); |
1da177e4 LT |
366 | } |
367 | ||
f7675ad7 | 368 | static inline unsigned long __must_check |
1da177e4 LT |
369 | clear_user(void __user *to, unsigned long n) |
370 | { | |
dab4079d | 371 | might_fault(); |
1da177e4 | 372 | if (access_ok(VERIFY_WRITE, to, n)) |
d02765d1 | 373 | n = uaccess.clear_user(n, to); |
1da177e4 LT |
374 | return n; |
375 | } | |
376 | ||
377 | #endif /* __S390_UACCESS_H */ |