[deliverable/linux.git] / include / asm-s390 / uaccess.h

/*
 *  include/asm-s390/uaccess.h
 *
 *  S390 version
 *    Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
 *    Author(s): Hartmut Penner (hp@de.ibm.com),
 *               Martin Schwidefsky (schwidefsky@de.ibm.com)
 *
 *  Derived from "include/asm-i386/uaccess.h"
 */
#ifndef __S390_UACCESS_H
#define __S390_UACCESS_H

/*
 * User space memory access functions
 */
#include <linux/sched.h>
#include <linux/errno.h>

#define VERIFY_READ     0
#define VERIFY_WRITE    1


/*
 * The fs value determines whether argument validity checking should be
 * performed or not.  If get_fs() == USER_DS, checking is performed, with
 * get_fs() == KERNEL_DS, checking is bypassed.
 *
 * For historical reasons, these macros are grossly misnamed.
 */

#define MAKE_MM_SEG(a)  ((mm_segment_t) { (a) })


#define KERNEL_DS       MAKE_MM_SEG(0)
#define USER_DS         MAKE_MM_SEG(1)

#define get_ds()        (KERNEL_DS)
#define get_fs()        (current->thread.mm_segment)

#define set_fs(x) \
({									\
	unsigned long __pto;						\
	current->thread.mm_segment = (x);				\
	__pto = current->thread.mm_segment.ar4 ?			\
		S390_lowcore.user_asce : S390_lowcore.kernel_asce;	\
	__ctl_load(__pto, 7, 7);					\
})

#define segment_eq(a,b) ((a).ar4 == (b).ar4)


static inline int __access_ok(const void __user *addr, unsigned long size)
{
	return 1;
}
#define access_ok(type,addr,size) __access_ok(addr,size)

/*
 * The exception table consists of pairs of addresses: the first is the
 * address of an instruction that is allowed to fault, and the second is
 * the address at which the program should continue.  No registers are
 * modified, so it is entirely up to the continuation code to figure out
 * what to do.
 *
 * All the routines below use bits of fixup code that are out of line
 * with the main instruction path.  This means when everything is well,
 * we don't even have to jump over them.  Further, they do not intrude
 * on our cache or tlb entries.
 */

struct exception_table_entry
{
        unsigned long insn, fixup;
};

struct uaccess_ops {
	size_t (*copy_from_user)(size_t, const void __user *, void *);
	size_t (*copy_from_user_small)(size_t, const void __user *, void *);
	size_t (*copy_to_user)(size_t, void __user *, const void *);
	size_t (*copy_to_user_small)(size_t, void __user *, const void *);
	size_t (*copy_in_user)(size_t, void __user *, const void __user *);
	size_t (*clear_user)(size_t, void __user *);
	size_t (*strnlen_user)(size_t, const char __user *);
	size_t (*strncpy_from_user)(size_t, const char __user *, char *);
	int (*futex_atomic_op)(int op, int __user *, int oparg, int *old);
	int (*futex_atomic_cmpxchg)(int __user *, int old, int new);
};

extern struct uaccess_ops uaccess;
extern struct uaccess_ops uaccess_std;
extern struct uaccess_ops uaccess_mvcos;

static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
{
	size = uaccess.copy_to_user_small(size, ptr, x);
	return size ? -EFAULT : size;
}

static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
{
	size = uaccess.copy_from_user_small(size, ptr, x);
	return size ? -EFAULT : size;
}

/*
 * These are the main single-value transfer routines.  They automatically
 * use the right size if we just have the right pointer type.
 */
#define __put_user(x, ptr) \
({								\
	__typeof__(*(ptr)) __x = (x);				\
	int __pu_err = -EFAULT;					\
        __chk_user_ptr(ptr);                                    \
	switch (sizeof (*(ptr))) {				\
	case 1:							\
	case 2:							\
	case 4:							\
	case 8:							\
		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		break;						\
	default:						\
		__put_user_bad();				\
		break;						\
	 }							\
	__pu_err;						\
})

#define put_user(x, ptr)					\
({								\
	might_sleep();						\
	__put_user(x, ptr);					\
})


extern int __put_user_bad(void) __attribute__((noreturn));

#define __get_user(x, ptr)					\
({								\
	int __gu_err = -EFAULT;					\
	__chk_user_ptr(ptr);					\
	switch (sizeof(*(ptr))) {				\
	case 1: {						\
		unsigned char __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 2: {						\
		unsigned short __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 4: {						\
		unsigned int __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 8: {						\
		unsigned long long __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	default:						\
		__get_user_bad();				\
		break;						\
	}							\
	__gu_err;						\
})

#define get_user(x, ptr)					\
({								\
	might_sleep();						\
	__get_user(x, ptr);					\
})

extern int __get_user_bad(void) __attribute__((noreturn));

#define __put_user_unaligned __put_user
#define __get_user_unaligned __get_user

/**
 * __copy_to_user: - Copy a block of data into user space, with less checking.
 * @to:   Destination address, in user space.
 * @from: Source address, in kernel space.
 * @n:    Number of bytes to copy.
 *
 * Context: User context only.  This function may sleep.
 *
 * Copy data from kernel space to user space.  Caller must check
 * the specified block with access_ok() before calling this function.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 */
static inline unsigned long
__copy_to_user(void __user *to, const void *from, unsigned long n)
{
	if (__builtin_constant_p(n) && (n <= 256))
		return uaccess.copy_to_user_small(n, to, from);
	else
		return uaccess.copy_to_user(n, to, from);
}

#define __copy_to_user_inatomic __copy_to_user
#define __copy_from_user_inatomic __copy_from_user

/**
 * copy_to_user: - Copy a block of data into user space.
 * @to:   Destination address, in user space.
 * @from: Source address, in kernel space.
 * @n:    Number of bytes to copy.
 *
 * Context: User context only.  This function may sleep.
 *
 * Copy data from kernel space to user space.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 */
static inline unsigned long
copy_to_user(void __user *to, const void *from, unsigned long n)
{
	might_sleep();
	if (access_ok(VERIFY_WRITE, to, n))
		n = __copy_to_user(to, from, n);
	return n;
}

/**
 * __copy_from_user: - Copy a block of data from user space, with less checking.
 * @to:   Destination address, in kernel space.
 * @from: Source address, in user space.
 * @n:    Number of bytes to copy.
 *
 * Context: User context only.  This function may sleep.
 *
 * Copy data from user space to kernel space.  Caller must check
 * the specified block with access_ok() before calling this function.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 *
 * If some data could not be copied, this function will pad the copied
 * data to the requested size using zero bytes.
 */
static inline unsigned long
__copy_from_user(void *to, const void __user *from, unsigned long n)
{
	if (__builtin_constant_p(n) && (n <= 256))
		return uaccess.copy_from_user_small(n, from, to);
	else
		return uaccess.copy_from_user(n, from, to);
}

/**
 * copy_from_user: - Copy a block of data from user space.
 * @to:   Destination address, in kernel space.
 * @from: Source address, in user space.
 * @n:    Number of bytes to copy.
 *
 * Context: User context only.  This function may sleep.
 *
 * Copy data from user space to kernel space.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 *
 * If some data could not be copied, this function will pad the copied
 * data to the requested size using zero bytes.
 */
static inline unsigned long
copy_from_user(void *to, const void __user *from, unsigned long n)
{
	might_sleep();
	if (access_ok(VERIFY_READ, from, n))
		n = __copy_from_user(to, from, n);
	else
		memset(to, 0, n);
	return n;
}

static inline unsigned long
__copy_in_user(void __user *to, const void __user *from, unsigned long n)
{
	return uaccess.copy_in_user(n, to, from);
}

static inline unsigned long
copy_in_user(void __user *to, const void __user *from, unsigned long n)
{
	might_sleep();
	if (__access_ok(from,n) && __access_ok(to,n))
		n = __copy_in_user(to, from, n);
	return n;
}

/*
 * Copy a null terminated string from userspace.
 */
static inline long
strncpy_from_user(char *dst, const char __user *src, long count)
{
        long res = -EFAULT;
        might_sleep();
        if (access_ok(VERIFY_READ, src, 1))
		res = uaccess.strncpy_from_user(count, src, dst);
        return res;
}

static inline unsigned long
strnlen_user(const char __user * src, unsigned long n)
{
	might_sleep();
	return uaccess.strnlen_user(n, src);
}

/**
 * strlen_user: - Get the size of a string in user space.
 * @str: The string to measure.
 *
 * Context: User context only.  This function may sleep.
 *
 * Get the size of a NUL-terminated string in user space.
 *
 * Returns the size of the string INCLUDING the terminating NUL.
 * On exception, returns 0.
 *
 * If there is a limit on the length of a valid string, you may wish to
 * consider using strnlen_user() instead.
 */
#define strlen_user(str) strnlen_user(str, ~0UL)

/*
 * Zero Userspace
 */

static inline unsigned long
__clear_user(void __user *to, unsigned long n)
{
	return uaccess.clear_user(n, to);
}

static inline unsigned long
clear_user(void __user *to, unsigned long n)
{
	might_sleep();
	if (access_ok(VERIFY_WRITE, to, n))
		n = uaccess.clear_user(n, to);
	return n;
}

#endif /* __S390_UACCESS_H */
Commit	Line	Data
1da177e4 LT	1	/*
	2	* include/asm-s390/uaccess.h
	3	*
	4	* S390 version
	5	* Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
	6	* Author(s): Hartmut Penner (hp@de.ibm.com),
	7	* Martin Schwidefsky (schwidefsky@de.ibm.com)
	8	*
	9	* Derived from "include/asm-i386/uaccess.h"
	10	*/
	11	#ifndef __S390_UACCESS_H
	12	#define __S390_UACCESS_H
	13
	14	/*
	15	* User space memory access functions
	16	*/
	17	#include <linux/sched.h>
	18	#include <linux/errno.h>
	19
	20	#define VERIFY_READ 0
	21	#define VERIFY_WRITE 1
	22
	23
	24	/*
	25	* The fs value determines whether argument validity checking should be
	26	* performed or not. If get_fs() == USER_DS, checking is performed, with
	27	* get_fs() == KERNEL_DS, checking is bypassed.
	28	*
	29	* For historical reasons, these macros are grossly misnamed.
	30	*/
	31
	32	#define MAKE_MM_SEG(a) ((mm_segment_t) { (a) })
	33
	34
	35	#define KERNEL_DS MAKE_MM_SEG(0)
	36	#define USER_DS MAKE_MM_SEG(1)
	37
	38	#define get_ds() (KERNEL_DS)
	39	#define get_fs() (current->thread.mm_segment)
	40
1da177e4 LT	41	#define set_fs(x) \
	42	({ \
	43	unsigned long __pto; \
	44	current->thread.mm_segment = (x); \
	45	__pto = current->thread.mm_segment.ar4 ? \
	46	S390_lowcore.user_asce : S390_lowcore.kernel_asce; \
94c12cc7	47	__ctl_load(__pto, 7, 7); \
1da177e4	48	})
1da177e4 LT	49
	50	#define segment_eq(a,b) ((a).ar4 == (b).ar4)
	51
	52
793af244	53	static inline int __access_ok(const void __user *addr, unsigned long size)
a63a4931 MS	54	{
	55	return 1;
	56	}
1da177e4 LT	57	#define access_ok(type,addr,size) __access_ok(addr,size)
1da177e4 LT	58
1da177e4 LT	59	/*
	60	* The exception table consists of pairs of addresses: the first is the
	61	* address of an instruction that is allowed to fault, and the second is
	62	* the address at which the program should continue. No registers are
	63	* modified, so it is entirely up to the continuation code to figure out
	64	* what to do.
	65	*
	66	* All the routines below use bits of fixup code that are out of line
	67	* with the main instruction path. This means when everything is well,
	68	* we don't even have to jump over them. Further, they do not intrude
	69	* on our cache or tlb entries.
	70	*/
	71
	72	struct exception_table_entry
	73	{
	74	unsigned long insn, fixup;
	75	};
	76
d02765d1 GS	77	struct uaccess_ops {
	78	size_t (copy_from_user)(size_t, const void __user , void *);
	79	size_t (copy_from_user_small)(size_t, const void __user , void *);
	80	size_t (copy_to_user)(size_t, void __user , const void *);
	81	size_t (copy_to_user_small)(size_t, void __user , const void *);
	82	size_t (copy_in_user)(size_t, void __user , const void __user *);
	83	size_t (clear_user)(size_t, void __user );
	84	size_t (strnlen_user)(size_t, const char __user );
	85	size_t (strncpy_from_user)(size_t, const char __user , char *);
	86	int (futex_atomic_op)(int op, int __user , int oparg, int *old);
	87	int (futex_atomic_cmpxchg)(int __user , int old, int new);
	88	};
	89
	90	extern struct uaccess_ops uaccess;
	91	extern struct uaccess_ops uaccess_std;
6c2a9e6d	92	extern struct uaccess_ops uaccess_mvcos;
d02765d1 GS	93
	94	static inline int __put_user_fn(size_t size, void __user ptr, void x)
	95	{
	96	size = uaccess.copy_to_user_small(size, ptr, x);
	97	return size ? -EFAULT : size;
	98	}
	99
	100	static inline int __get_user_fn(size_t size, const void __user ptr, void x)
	101	{
	102	size = uaccess.copy_from_user_small(size, ptr, x);
	103	return size ? -EFAULT : size;
	104	}
1da177e4 LT	105
	106	/*
	107	* These are the main single-value transfer routines. They automatically
	108	* use the right size if we just have the right pointer type.
	109	*/
1da177e4 LT	110	#define __put_user(x, ptr) \
	111	({ \
	112	__typeof__(*(ptr)) __x = (x); \
d02765d1	113	int __pu_err = -EFAULT; \
17566c3c	114	__chk_user_ptr(ptr); \
1da177e4 LT	115	switch (sizeof (*(ptr))) { \
	116	case 1: \
	117	case 2: \
	118	case 4: \
	119	case 8: \
d02765d1 GS	120	__pu_err = __put_user_fn(sizeof (*(ptr)), \
d02765d1 GS	121	ptr, &__x); \
1da177e4 LT	122	break; \
	123	default: \
	124	__put_user_bad(); \
	125	break; \
	126	} \
	127	__pu_err; \
	128	})
1da177e4 LT	129
	130	#define put_user(x, ptr) \
	131	({ \
	132	might_sleep(); \
	133	__put_user(x, ptr); \
	134	})
	135
	136
	137	extern int __put_user_bad(void) __attribute__((noreturn));
	138
1da177e4 LT	139	#define __get_user(x, ptr) \
1da177e4 LT	140	({ \
d02765d1 GS	141	int __gu_err = -EFAULT; \
d02765d1 GS	142	__chk_user_ptr(ptr); \
1da177e4	143	switch (sizeof(*(ptr))) { \
1047aa77 MS	144	case 1: { \
1047aa77 MS	145	unsigned char __x; \
d02765d1 GS	146	__gu_err = __get_user_fn(sizeof (*(ptr)), \
d02765d1 GS	147	ptr, &__x); \
97fa5a66	148	(x) = (__force __typeof__((ptr)) *) &__x; \
1047aa77 MS	149	break; \
	150	}; \
	151	case 2: { \
	152	unsigned short __x; \
d02765d1 GS	153	__gu_err = __get_user_fn(sizeof (*(ptr)), \
d02765d1 GS	154	ptr, &__x); \
97fa5a66	155	(x) = (__force __typeof__((ptr)) *) &__x; \
1047aa77 MS	156	break; \
	157	}; \
	158	case 4: { \
	159	unsigned int __x; \
d02765d1 GS	160	__gu_err = __get_user_fn(sizeof (*(ptr)), \
d02765d1 GS	161	ptr, &__x); \
97fa5a66	162	(x) = (__force __typeof__((ptr)) *) &__x; \
1047aa77 MS	163	break; \
	164	}; \
	165	case 8: { \
	166	unsigned long long __x; \
d02765d1 GS	167	__gu_err = __get_user_fn(sizeof (*(ptr)), \
d02765d1 GS	168	ptr, &__x); \
97fa5a66	169	(x) = (__force __typeof__((ptr)) *) &__x; \
1da177e4	170	break; \
1047aa77	171	}; \
1da177e4 LT	172	default: \
	173	__get_user_bad(); \
	174	break; \
	175	} \
1da177e4 LT	176	__gu_err; \
1da177e4 LT	177	})
1da177e4 LT	178
	179	#define get_user(x, ptr) \
	180	({ \
	181	might_sleep(); \
	182	__get_user(x, ptr); \
	183	})
	184
	185	extern int __get_user_bad(void) __attribute__((noreturn));
	186
	187	#define __put_user_unaligned __put_user
	188	#define __get_user_unaligned __get_user
	189
1da177e4 LT	190	/**
	191	* __copy_to_user: - Copy a block of data into user space, with less checking.
	192	* @to: Destination address, in user space.
	193	* @from: Source address, in kernel space.
	194	* @n: Number of bytes to copy.
	195	*
	196	* Context: User context only. This function may sleep.
	197	*
	198	* Copy data from kernel space to user space. Caller must check
	199	* the specified block with access_ok() before calling this function.
	200	*
	201	* Returns number of bytes that could not be copied.
	202	* On success, this will be zero.
	203	*/
	204	static inline unsigned long
	205	__copy_to_user(void __user to, const void from, unsigned long n)
	206	{
d02765d1 GS	207	if (__builtin_constant_p(n) && (n <= 256))
	208	return uaccess.copy_to_user_small(n, to, from);
	209	else
	210	return uaccess.copy_to_user(n, to, from);
1da177e4 LT	211	}
	212
	213	#define __copy_to_user_inatomic __copy_to_user
	214	#define __copy_from_user_inatomic __copy_from_user
	215
	216	/**
	217	* copy_to_user: - Copy a block of data into user space.
	218	* @to: Destination address, in user space.
	219	* @from: Source address, in kernel space.
	220	* @n: Number of bytes to copy.
	221	*
	222	* Context: User context only. This function may sleep.
	223	*
	224	* Copy data from kernel space to user space.
	225	*
	226	* Returns number of bytes that could not be copied.
	227	* On success, this will be zero.
	228	*/
	229	static inline unsigned long
	230	copy_to_user(void __user to, const void from, unsigned long n)
	231	{
	232	might_sleep();
	233	if (access_ok(VERIFY_WRITE, to, n))
	234	n = __copy_to_user(to, from, n);
	235	return n;
	236	}
	237
1da177e4 LT	238	/**
	239	* __copy_from_user: - Copy a block of data from user space, with less checking.
	240	* @to: Destination address, in kernel space.
	241	* @from: Source address, in user space.
	242	* @n: Number of bytes to copy.
	243	*
	244	* Context: User context only. This function may sleep.
	245	*
	246	* Copy data from user space to kernel space. Caller must check
	247	* the specified block with access_ok() before calling this function.
	248	*
	249	* Returns number of bytes that could not be copied.
	250	* On success, this will be zero.
	251	*
	252	* If some data could not be copied, this function will pad the copied
	253	* data to the requested size using zero bytes.
	254	*/
	255	static inline unsigned long
	256	__copy_from_user(void to, const void __user from, unsigned long n)
	257	{
d02765d1 GS	258	if (__builtin_constant_p(n) && (n <= 256))
	259	return uaccess.copy_from_user_small(n, from, to);
	260	else
	261	return uaccess.copy_from_user(n, from, to);
1da177e4 LT	262	}
	263
	264	/**
	265	* copy_from_user: - Copy a block of data from user space.
	266	* @to: Destination address, in kernel space.
	267	* @from: Source address, in user space.
	268	* @n: Number of bytes to copy.
	269	*
	270	* Context: User context only. This function may sleep.
	271	*
	272	* Copy data from user space to kernel space.
	273	*
	274	* Returns number of bytes that could not be copied.
	275	* On success, this will be zero.
	276	*
	277	* If some data could not be copied, this function will pad the copied
	278	* data to the requested size using zero bytes.
	279	*/
	280	static inline unsigned long
	281	copy_from_user(void to, const void __user from, unsigned long n)
	282	{
	283	might_sleep();
	284	if (access_ok(VERIFY_READ, from, n))
	285	n = __copy_from_user(to, from, n);
	286	else
	287	memset(to, 0, n);
	288	return n;
	289	}
	290
1da177e4 LT	291	static inline unsigned long
	292	__copy_in_user(void __user to, const void __user from, unsigned long n)
	293	{
d02765d1	294	return uaccess.copy_in_user(n, to, from);
1da177e4 LT	295	}
	296
	297	static inline unsigned long
	298	copy_in_user(void __user to, const void __user from, unsigned long n)
	299	{
	300	might_sleep();
	301	if (__access_ok(from,n) && __access_ok(to,n))
d02765d1	302	n = __copy_in_user(to, from, n);
1da177e4 LT	303	return n;
	304	}
	305
	306	/*
	307	* Copy a null terminated string from userspace.
	308	*/
1da177e4 LT	309	static inline long
	310	strncpy_from_user(char dst, const char __user src, long count)
	311	{
	312	long res = -EFAULT;
	313	might_sleep();
	314	if (access_ok(VERIFY_READ, src, 1))
d02765d1	315	res = uaccess.strncpy_from_user(count, src, dst);
1da177e4 LT	316	return res;
	317	}
	318
1da177e4 LT	319	static inline unsigned long
	320	strnlen_user(const char __user * src, unsigned long n)
	321	{
	322	might_sleep();
d02765d1	323	return uaccess.strnlen_user(n, src);
1da177e4 LT	324	}
	325
	326	/**
	327	* strlen_user: - Get the size of a string in user space.
	328	* @str: The string to measure.
	329	*
	330	* Context: User context only. This function may sleep.
	331	*
	332	* Get the size of a NUL-terminated string in user space.
	333	*
	334	* Returns the size of the string INCLUDING the terminating NUL.
	335	* On exception, returns 0.
	336	*
	337	* If there is a limit on the length of a valid string, you may wish to
	338	* consider using strnlen_user() instead.
	339	*/
	340	#define strlen_user(str) strnlen_user(str, ~0UL)
	341
	342	/*
	343	* Zero Userspace
	344	*/
	345
1da177e4 LT	346	static inline unsigned long
	347	__clear_user(void __user *to, unsigned long n)
	348	{
d02765d1	349	return uaccess.clear_user(n, to);
1da177e4 LT	350	}
	351
	352	static inline unsigned long
	353	clear_user(void __user *to, unsigned long n)
	354	{
	355	might_sleep();
	356	if (access_ok(VERIFY_WRITE, to, n))
d02765d1	357	n = uaccess.clear_user(n, to);
1da177e4 LT	358	return n;
	359	}
	360
	361	#endif /* __S390_UACCESS_H */