Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * include/asm-s390/uaccess.h | |
3 | * | |
4 | * S390 version | |
5 | * Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation | |
6 | * Author(s): Hartmut Penner (hp@de.ibm.com), | |
7 | * Martin Schwidefsky (schwidefsky@de.ibm.com) | |
8 | * | |
9 | * Derived from "include/asm-i386/uaccess.h" | |
10 | */ | |
11 | #ifndef __S390_UACCESS_H | |
12 | #define __S390_UACCESS_H | |
13 | ||
14 | /* | |
15 | * User space memory access functions | |
16 | */ | |
17 | #include <linux/sched.h> | |
18 | #include <linux/errno.h> | |
19 | ||
20 | #define VERIFY_READ 0 | |
21 | #define VERIFY_WRITE 1 | |
22 | ||
23 | ||
24 | /* | |
25 | * The fs value determines whether argument validity checking should be | |
26 | * performed or not. If get_fs() == USER_DS, checking is performed, with | |
27 | * get_fs() == KERNEL_DS, checking is bypassed. | |
28 | * | |
29 | * For historical reasons, these macros are grossly misnamed. | |
30 | */ | |
31 | ||
32 | #define MAKE_MM_SEG(a) ((mm_segment_t) { (a) }) | |
33 | ||
34 | ||
35 | #define KERNEL_DS MAKE_MM_SEG(0) | |
36 | #define USER_DS MAKE_MM_SEG(1) | |
37 | ||
38 | #define get_ds() (KERNEL_DS) | |
39 | #define get_fs() (current->thread.mm_segment) | |
40 | ||
1da177e4 LT |
41 | #define set_fs(x) \ |
42 | ({ \ | |
43 | unsigned long __pto; \ | |
44 | current->thread.mm_segment = (x); \ | |
45 | __pto = current->thread.mm_segment.ar4 ? \ | |
46 | S390_lowcore.user_asce : S390_lowcore.kernel_asce; \ | |
94c12cc7 | 47 | __ctl_load(__pto, 7, 7); \ |
1da177e4 | 48 | }) |
1da177e4 LT |
49 | |
50 | #define segment_eq(a,b) ((a).ar4 == (b).ar4) | |
51 | ||
52 | ||
793af244 | 53 | static inline int __access_ok(const void __user *addr, unsigned long size) |
a63a4931 MS |
54 | { |
55 | return 1; | |
56 | } | |
1da177e4 LT |
57 | #define access_ok(type,addr,size) __access_ok(addr,size) |
58 | ||
1da177e4 LT |
59 | /* |
60 | * The exception table consists of pairs of addresses: the first is the | |
61 | * address of an instruction that is allowed to fault, and the second is | |
62 | * the address at which the program should continue. No registers are | |
63 | * modified, so it is entirely up to the continuation code to figure out | |
64 | * what to do. | |
65 | * | |
66 | * All the routines below use bits of fixup code that are out of line | |
67 | * with the main instruction path. This means when everything is well, | |
68 | * we don't even have to jump over them. Further, they do not intrude | |
69 | * on our cache or tlb entries. | |
70 | */ | |
71 | ||
72 | struct exception_table_entry | |
73 | { | |
74 | unsigned long insn, fixup; | |
75 | }; | |
76 | ||
d02765d1 GS |
77 | struct uaccess_ops { |
78 | size_t (*copy_from_user)(size_t, const void __user *, void *); | |
79 | size_t (*copy_from_user_small)(size_t, const void __user *, void *); | |
80 | size_t (*copy_to_user)(size_t, void __user *, const void *); | |
81 | size_t (*copy_to_user_small)(size_t, void __user *, const void *); | |
82 | size_t (*copy_in_user)(size_t, void __user *, const void __user *); | |
83 | size_t (*clear_user)(size_t, void __user *); | |
84 | size_t (*strnlen_user)(size_t, const char __user *); | |
85 | size_t (*strncpy_from_user)(size_t, const char __user *, char *); | |
86 | int (*futex_atomic_op)(int op, int __user *, int oparg, int *old); | |
87 | int (*futex_atomic_cmpxchg)(int __user *, int old, int new); | |
88 | }; | |
89 | ||
90 | extern struct uaccess_ops uaccess; | |
91 | extern struct uaccess_ops uaccess_std; | |
6c2a9e6d | 92 | extern struct uaccess_ops uaccess_mvcos; |
d02765d1 GS |
93 | |
94 | static inline int __put_user_fn(size_t size, void __user *ptr, void *x) | |
95 | { | |
96 | size = uaccess.copy_to_user_small(size, ptr, x); | |
97 | return size ? -EFAULT : size; | |
98 | } | |
99 | ||
100 | static inline int __get_user_fn(size_t size, const void __user *ptr, void *x) | |
101 | { | |
102 | size = uaccess.copy_from_user_small(size, ptr, x); | |
103 | return size ? -EFAULT : size; | |
104 | } | |
1da177e4 LT |
105 | |
106 | /* | |
107 | * These are the main single-value transfer routines. They automatically | |
108 | * use the right size if we just have the right pointer type. | |
109 | */ | |
1da177e4 LT |
110 | #define __put_user(x, ptr) \ |
111 | ({ \ | |
112 | __typeof__(*(ptr)) __x = (x); \ | |
d02765d1 | 113 | int __pu_err = -EFAULT; \ |
17566c3c | 114 | __chk_user_ptr(ptr); \ |
1da177e4 LT |
115 | switch (sizeof (*(ptr))) { \ |
116 | case 1: \ | |
117 | case 2: \ | |
118 | case 4: \ | |
119 | case 8: \ | |
d02765d1 GS |
120 | __pu_err = __put_user_fn(sizeof (*(ptr)), \ |
121 | ptr, &__x); \ | |
1da177e4 LT |
122 | break; \ |
123 | default: \ | |
124 | __put_user_bad(); \ | |
125 | break; \ | |
126 | } \ | |
127 | __pu_err; \ | |
128 | }) | |
1da177e4 LT |
129 | |
130 | #define put_user(x, ptr) \ | |
131 | ({ \ | |
132 | might_sleep(); \ | |
133 | __put_user(x, ptr); \ | |
134 | }) | |
135 | ||
136 | ||
137 | extern int __put_user_bad(void) __attribute__((noreturn)); | |
138 | ||
1da177e4 LT |
139 | #define __get_user(x, ptr) \ |
140 | ({ \ | |
d02765d1 GS |
141 | int __gu_err = -EFAULT; \ |
142 | __chk_user_ptr(ptr); \ | |
1da177e4 | 143 | switch (sizeof(*(ptr))) { \ |
1047aa77 MS |
144 | case 1: { \ |
145 | unsigned char __x; \ | |
d02765d1 GS |
146 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
147 | ptr, &__x); \ | |
97fa5a66 | 148 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
149 | break; \ |
150 | }; \ | |
151 | case 2: { \ | |
152 | unsigned short __x; \ | |
d02765d1 GS |
153 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
154 | ptr, &__x); \ | |
97fa5a66 | 155 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
156 | break; \ |
157 | }; \ | |
158 | case 4: { \ | |
159 | unsigned int __x; \ | |
d02765d1 GS |
160 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
161 | ptr, &__x); \ | |
97fa5a66 | 162 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1047aa77 MS |
163 | break; \ |
164 | }; \ | |
165 | case 8: { \ | |
166 | unsigned long long __x; \ | |
d02765d1 GS |
167 | __gu_err = __get_user_fn(sizeof (*(ptr)), \ |
168 | ptr, &__x); \ | |
97fa5a66 | 169 | (x) = *(__force __typeof__(*(ptr)) *) &__x; \ |
1da177e4 | 170 | break; \ |
1047aa77 | 171 | }; \ |
1da177e4 LT |
172 | default: \ |
173 | __get_user_bad(); \ | |
174 | break; \ | |
175 | } \ | |
1da177e4 LT |
176 | __gu_err; \ |
177 | }) | |
1da177e4 LT |
178 | |
179 | #define get_user(x, ptr) \ | |
180 | ({ \ | |
181 | might_sleep(); \ | |
182 | __get_user(x, ptr); \ | |
183 | }) | |
184 | ||
185 | extern int __get_user_bad(void) __attribute__((noreturn)); | |
186 | ||
187 | #define __put_user_unaligned __put_user | |
188 | #define __get_user_unaligned __get_user | |
189 | ||
1da177e4 LT |
190 | /** |
191 | * __copy_to_user: - Copy a block of data into user space, with less checking. | |
192 | * @to: Destination address, in user space. | |
193 | * @from: Source address, in kernel space. | |
194 | * @n: Number of bytes to copy. | |
195 | * | |
196 | * Context: User context only. This function may sleep. | |
197 | * | |
198 | * Copy data from kernel space to user space. Caller must check | |
199 | * the specified block with access_ok() before calling this function. | |
200 | * | |
201 | * Returns number of bytes that could not be copied. | |
202 | * On success, this will be zero. | |
203 | */ | |
f7675ad7 | 204 | static inline unsigned long __must_check |
1da177e4 LT |
205 | __copy_to_user(void __user *to, const void *from, unsigned long n) |
206 | { | |
d02765d1 GS |
207 | if (__builtin_constant_p(n) && (n <= 256)) |
208 | return uaccess.copy_to_user_small(n, to, from); | |
209 | else | |
210 | return uaccess.copy_to_user(n, to, from); | |
1da177e4 LT |
211 | } |
212 | ||
213 | #define __copy_to_user_inatomic __copy_to_user | |
214 | #define __copy_from_user_inatomic __copy_from_user | |
215 | ||
216 | /** | |
217 | * copy_to_user: - Copy a block of data into user space. | |
218 | * @to: Destination address, in user space. | |
219 | * @from: Source address, in kernel space. | |
220 | * @n: Number of bytes to copy. | |
221 | * | |
222 | * Context: User context only. This function may sleep. | |
223 | * | |
224 | * Copy data from kernel space to user space. | |
225 | * | |
226 | * Returns number of bytes that could not be copied. | |
227 | * On success, this will be zero. | |
228 | */ | |
f7675ad7 | 229 | static inline unsigned long __must_check |
1da177e4 LT |
230 | copy_to_user(void __user *to, const void *from, unsigned long n) |
231 | { | |
232 | might_sleep(); | |
233 | if (access_ok(VERIFY_WRITE, to, n)) | |
234 | n = __copy_to_user(to, from, n); | |
235 | return n; | |
236 | } | |
237 | ||
1da177e4 LT |
238 | /** |
239 | * __copy_from_user: - Copy a block of data from user space, with less checking. | |
240 | * @to: Destination address, in kernel space. | |
241 | * @from: Source address, in user space. | |
242 | * @n: Number of bytes to copy. | |
243 | * | |
244 | * Context: User context only. This function may sleep. | |
245 | * | |
246 | * Copy data from user space to kernel space. Caller must check | |
247 | * the specified block with access_ok() before calling this function. | |
248 | * | |
249 | * Returns number of bytes that could not be copied. | |
250 | * On success, this will be zero. | |
251 | * | |
252 | * If some data could not be copied, this function will pad the copied | |
253 | * data to the requested size using zero bytes. | |
254 | */ | |
f7675ad7 | 255 | static inline unsigned long __must_check |
1da177e4 LT |
256 | __copy_from_user(void *to, const void __user *from, unsigned long n) |
257 | { | |
d02765d1 GS |
258 | if (__builtin_constant_p(n) && (n <= 256)) |
259 | return uaccess.copy_from_user_small(n, from, to); | |
260 | else | |
261 | return uaccess.copy_from_user(n, from, to); | |
1da177e4 LT |
262 | } |
263 | ||
264 | /** | |
265 | * copy_from_user: - Copy a block of data from user space. | |
266 | * @to: Destination address, in kernel space. | |
267 | * @from: Source address, in user space. | |
268 | * @n: Number of bytes to copy. | |
269 | * | |
270 | * Context: User context only. This function may sleep. | |
271 | * | |
272 | * Copy data from user space to kernel space. | |
273 | * | |
274 | * Returns number of bytes that could not be copied. | |
275 | * On success, this will be zero. | |
276 | * | |
277 | * If some data could not be copied, this function will pad the copied | |
278 | * data to the requested size using zero bytes. | |
279 | */ | |
f7675ad7 | 280 | static inline unsigned long __must_check |
1da177e4 LT |
281 | copy_from_user(void *to, const void __user *from, unsigned long n) |
282 | { | |
283 | might_sleep(); | |
284 | if (access_ok(VERIFY_READ, from, n)) | |
285 | n = __copy_from_user(to, from, n); | |
286 | else | |
287 | memset(to, 0, n); | |
288 | return n; | |
289 | } | |
290 | ||
f7675ad7 | 291 | static inline unsigned long __must_check |
1da177e4 LT |
292 | __copy_in_user(void __user *to, const void __user *from, unsigned long n) |
293 | { | |
d02765d1 | 294 | return uaccess.copy_in_user(n, to, from); |
1da177e4 LT |
295 | } |
296 | ||
f7675ad7 | 297 | static inline unsigned long __must_check |
1da177e4 LT |
298 | copy_in_user(void __user *to, const void __user *from, unsigned long n) |
299 | { | |
300 | might_sleep(); | |
301 | if (__access_ok(from,n) && __access_ok(to,n)) | |
d02765d1 | 302 | n = __copy_in_user(to, from, n); |
1da177e4 LT |
303 | return n; |
304 | } | |
305 | ||
306 | /* | |
307 | * Copy a null terminated string from userspace. | |
308 | */ | |
f7675ad7 | 309 | static inline long __must_check |
1da177e4 LT |
310 | strncpy_from_user(char *dst, const char __user *src, long count) |
311 | { | |
312 | long res = -EFAULT; | |
313 | might_sleep(); | |
314 | if (access_ok(VERIFY_READ, src, 1)) | |
d02765d1 | 315 | res = uaccess.strncpy_from_user(count, src, dst); |
1da177e4 LT |
316 | return res; |
317 | } | |
318 | ||
1da177e4 LT |
319 | static inline unsigned long |
320 | strnlen_user(const char __user * src, unsigned long n) | |
321 | { | |
322 | might_sleep(); | |
d02765d1 | 323 | return uaccess.strnlen_user(n, src); |
1da177e4 LT |
324 | } |
325 | ||
326 | /** | |
327 | * strlen_user: - Get the size of a string in user space. | |
328 | * @str: The string to measure. | |
329 | * | |
330 | * Context: User context only. This function may sleep. | |
331 | * | |
332 | * Get the size of a NUL-terminated string in user space. | |
333 | * | |
334 | * Returns the size of the string INCLUDING the terminating NUL. | |
335 | * On exception, returns 0. | |
336 | * | |
337 | * If there is a limit on the length of a valid string, you may wish to | |
338 | * consider using strnlen_user() instead. | |
339 | */ | |
340 | #define strlen_user(str) strnlen_user(str, ~0UL) | |
341 | ||
342 | /* | |
343 | * Zero Userspace | |
344 | */ | |
345 | ||
f7675ad7 | 346 | static inline unsigned long __must_check |
1da177e4 LT |
347 | __clear_user(void __user *to, unsigned long n) |
348 | { | |
d02765d1 | 349 | return uaccess.clear_user(n, to); |
1da177e4 LT |
350 | } |
351 | ||
f7675ad7 | 352 | static inline unsigned long __must_check |
1da177e4 LT |
353 | clear_user(void __user *to, unsigned long n) |
354 | { | |
355 | might_sleep(); | |
356 | if (access_ok(VERIFY_WRITE, to, n)) | |
d02765d1 | 357 | n = uaccess.clear_user(n, to); |
1da177e4 LT |
358 | return n; |
359 | } | |
360 | ||
361 | #endif /* __S390_UACCESS_H */ |