1 /*
2 * This file is subject to the terms and conditions of the GNU General Public
3 * License. See the file "COPYING" in the main directory of this archive
4 * for more details.
5 *
6 * Copyright (C) 1996, 1997, 1998, 1999, 2000, 03, 04 by Ralf Baechle
7 * Copyright (C) 1999, 2000 Silicon Graphics, Inc.
8 * Copyright (C) 2007 Maciej W. Rozycki
9 * Copyright (C) 2014, Imagination Technologies Ltd.
10 */
11 #ifndef _ASM_UACCESS_H
12 #define _ASM_UACCESS_H
13
14 #include <linux/kernel.h>
15 #include <linux/string.h>
16 #include <asm/asm-eva.h>
17 #include <asm/extable.h>
18
19 #ifdef CONFIG_32BIT
20
21 #define __UA_LIMIT 0x80000000UL
22 #define TASK_SIZE_MAX KSEG0
23
24 #define __UA_ADDR ".word"
25 #define __UA_LA "la"
26 #define __UA_ADDU "addu"
27 #define __UA_t0 "$8"
28 #define __UA_t1 "$9"
29
30 #endif /* CONFIG_32BIT */
31
32 #ifdef CONFIG_64BIT
33
34 extern u64 __ua_limit;
35
36 #define __UA_LIMIT __ua_limit
37 #define TASK_SIZE_MAX XKSSEG
38
39 #define __UA_ADDR ".dword"
40 #define __UA_LA "dla"
41 #define __UA_ADDU "daddu"
42 #define __UA_t0 "$12"
43 #define __UA_t1 "$13"
44
45 #endif /* CONFIG_64BIT */
46
47 #include <asm-generic/access_ok.h>
48
49 /*
50 * put_user: - Write a simple value into user space.
51 * @x: Value to copy to user space.
52 * @ptr: Destination address, in user space.
53 *
54 * Context: User context only. This function may sleep if pagefaults are
55 * enabled.
56 *
57 * This macro copies a single simple value from kernel space to user
58 * space. It supports simple types like char and int, but not larger
59 * data types like structures or arrays.
60 *
61 * @ptr must have pointer-to-simple-variable type, and @x must be assignable
62 * to the result of dereferencing @ptr.
63 *
64 * Returns zero on success, or -EFAULT on error.
65 */
66 #define put_user(x, ptr) \
67 ({ \
68 __typeof__(*(ptr)) __user *__p = (ptr); \
69 \
70 might_fault(); \
71 access_ok(__p, sizeof(*__p)) ? __put_user((x), __p) : -EFAULT; \
72 })
73
74 /*
75 * get_user: - Get a simple variable from user space.
76 * @x: Variable to store result.
77 * @ptr: Source address, in user space.
78 *
79 * Context: User context only. This function may sleep if pagefaults are
80 * enabled.
81 *
82 * This macro copies a single simple variable from user space to kernel
83 * space. It supports simple types like char and int, but not larger
84 * data types like structures or arrays.
85 *
86 * @ptr must have pointer-to-simple-variable type, and the result of
87 * dereferencing @ptr must be assignable to @x without a cast.
88 *
89 * Returns zero on success, or -EFAULT on error.
90 * On error, the variable @x is set to zero.
91 */
92 #define get_user(x, ptr) \
93 ({ \
94 const __typeof__(*(ptr)) __user *__p = (ptr); \
95 \
96 might_fault(); \
97 access_ok(__p, sizeof(*__p)) ? __get_user((x), __p) : \
98 ((x) = 0, -EFAULT); \
99 })
100
101 /*
102 * __put_user: - Write a simple value into user space, with less checking.
103 * @x: Value to copy to user space.
104 * @ptr: Destination address, in user space.
105 *
106 * Context: User context only. This function may sleep if pagefaults are
107 * enabled.
108 *
109 * This macro copies a single simple value from kernel space to user
110 * space. It supports simple types like char and int, but not larger
111 * data types like structures or arrays.
112 *
113 * @ptr must have pointer-to-simple-variable type, and @x must be assignable
114 * to the result of dereferencing @ptr.
115 *
116 * Caller must check the pointer with access_ok() before calling this
117 * function.
118 *
119 * Returns zero on success, or -EFAULT on error.
120 */
121 #define __put_user(x, ptr) \
122 ({ \
123 __typeof__(*(ptr)) __user *__pu_ptr = (ptr); \
124 __typeof__(*(ptr)) __pu_val = (x); \
125 int __pu_err = 0; \
126 \
127 __chk_user_ptr(__pu_ptr); \
128 switch (sizeof(*__pu_ptr)) { \
129 case 1: \
130 __put_data_asm(user_sb, __pu_ptr); \
131 break; \
132 case 2: \
133 __put_data_asm(user_sh, __pu_ptr); \
134 break; \
135 case 4: \
136 __put_data_asm(user_sw, __pu_ptr); \
137 break; \
138 case 8: \
139 __PUT_DW(user_sd, __pu_ptr); \
140 break; \
141 default: \
142 BUILD_BUG(); \
143 } \
144 \
145 __pu_err; \
146 })
147
148 /*
149 * __get_user: - Get a simple variable from user space, with less checking.
150 * @x: Variable to store result.
151 * @ptr: Source address, in user space.
152 *
153 * Context: User context only. This function may sleep if pagefaults are
154 * enabled.
155 *
156 * This macro copies a single simple variable from user space to kernel
157 * space. It supports simple types like char and int, but not larger
158 * data types like structures or arrays.
159 *
160 * @ptr must have pointer-to-simple-variable type, and the result of
161 * dereferencing @ptr must be assignable to @x without a cast.
162 *
163 * Caller must check the pointer with access_ok() before calling this
164 * function.
165 *
166 * Returns zero on success, or -EFAULT on error.
167 * On error, the variable @x is set to zero.
168 */
169 #define __get_user(x, ptr) \
170 ({ \
171 const __typeof__(*(ptr)) __user *__gu_ptr = (ptr); \
172 int __gu_err = 0; \
173 \
174 __chk_user_ptr(__gu_ptr); \
175 switch (sizeof(*__gu_ptr)) { \
176 case 1: \
177 __get_data_asm((x), user_lb, __gu_ptr); \
178 break; \
179 case 2: \
180 __get_data_asm((x), user_lh, __gu_ptr); \
181 break; \
182 case 4: \
183 __get_data_asm((x), user_lw, __gu_ptr); \
184 break; \
185 case 8: \
186 __GET_DW((x), user_ld, __gu_ptr); \
187 break; \
188 default: \
189 BUILD_BUG(); \
190 } \
191 \
192 __gu_err; \
193 })
194
195 struct __large_struct { unsigned long buf[100]; };
196 #define __m(x) (*(struct __large_struct __user *)(x))
197
198 #ifdef CONFIG_32BIT
199 #define __GET_DW(val, insn, ptr) __get_data_asm_ll32(val, insn, ptr)
200 #endif
201 #ifdef CONFIG_64BIT
202 #define __GET_DW(val, insn, ptr) __get_data_asm(val, insn, ptr)
203 #endif
204
205 #define __get_data_asm(val, insn, addr) \
206 { \
207 long __gu_tmp; \
208 \
209 __asm__ __volatile__( \
210 "1: "insn("%1", "%3")" \n" \
211 "2: \n" \
212 " .insn \n" \
213 " .section .fixup,\"ax\" \n" \
214 "3: li %0, %4 \n" \
215 " move %1, $0 \n" \
216 " j 2b \n" \
217 " .previous \n" \
218 " .section __ex_table,\"a\" \n" \
219 " "__UA_ADDR "\t1b, 3b \n" \
220 " .previous \n" \
221 : "=r" (__gu_err), "=r" (__gu_tmp) \
222 : "0" (0), "o" (__m(addr)), "i" (-EFAULT)); \
223 \
224 (val) = (__typeof__(*(addr))) __gu_tmp; \
225 }
226
227 /*
228 * Get a long long 64 using 32 bit registers.
229 */
230 #define __get_data_asm_ll32(val, insn, addr) \
231 { \
232 union { \
233 unsigned long long l; \
234 __typeof__(*(addr)) t; \
235 } __gu_tmp; \
236 \
237 __asm__ __volatile__( \
238 "1: " insn("%1", "(%3)")" \n" \
239 "2: " insn("%D1", "4(%3)")" \n" \
240 "3: \n" \
241 " .insn \n" \
242 " .section .fixup,\"ax\" \n" \
243 "4: li %0, %4 \n" \
244 " move %1, $0 \n" \
245 " move %D1, $0 \n" \
246 " j 3b \n" \
247 " .previous \n" \
248 " .section __ex_table,\"a\" \n" \
249 " " __UA_ADDR " 1b, 4b \n" \
250 " " __UA_ADDR " 2b, 4b \n" \
251 " .previous \n" \
252 : "=r" (__gu_err), "=&r" (__gu_tmp.l) \
253 : "0" (0), "r" (addr), "i" (-EFAULT)); \
254 \
255 (val) = __gu_tmp.t; \
256 }
257
258 #define __get_kernel_nofault(dst, src, type, err_label) \
259 do { \
260 int __gu_err; \
261 \
262 switch (sizeof(type)) { \
263 case 1: \
264 __get_data_asm(*(type *)(dst), kernel_lb, \
265 (__force type *)(src)); \
266 break; \
267 case 2: \
268 __get_data_asm(*(type *)(dst), kernel_lh, \
269 (__force type *)(src)); \
270 break; \
271 case 4: \
272 __get_data_asm(*(type *)(dst), kernel_lw, \
273 (__force type *)(src)); \
274 break; \
275 case 8: \
276 __GET_DW(*(type *)(dst), kernel_ld, \
277 (__force type *)(src)); \
278 break; \
279 default: \
280 BUILD_BUG(); \
281 break; \
282 } \
283 if (unlikely(__gu_err)) \
284 goto err_label; \
285 } while (0)
286
287 /*
288 * Yuck. We need two variants, one for 64bit operation and one
289 * for 32 bit mode and old iron.
290 */
291 #ifdef CONFIG_32BIT
292 #define __PUT_DW(insn, ptr) __put_data_asm_ll32(insn, ptr)
293 #endif
294 #ifdef CONFIG_64BIT
295 #define __PUT_DW(insn, ptr) __put_data_asm(insn, ptr)
296 #endif
297
298 #define __put_data_asm(insn, ptr) \
299 { \
300 __asm__ __volatile__( \
301 "1: "insn("%z2", "%3")" # __put_data_asm \n" \
302 "2: \n" \
303 " .insn \n" \
304 " .section .fixup,\"ax\" \n" \
305 "3: li %0, %4 \n" \
306 " j 2b \n" \
307 " .previous \n" \
308 " .section __ex_table,\"a\" \n" \
309 " " __UA_ADDR " 1b, 3b \n" \
310 " .previous \n" \
311 : "=r" (__pu_err) \
312 : "0" (0), "Jr" (__pu_val), "o" (__m(ptr)), \
313 "i" (-EFAULT)); \
314 }
315
316 #define __put_data_asm_ll32(insn, ptr) \
317 { \
318 __asm__ __volatile__( \
319 "1: "insn("%2", "(%3)")" # __put_data_asm_ll32 \n" \
320 "2: "insn("%D2", "4(%3)")" \n" \
321 "3: \n" \
322 " .insn \n" \
323 " .section .fixup,\"ax\" \n" \
324 "4: li %0, %4 \n" \
325 " j 3b \n" \
326 " .previous \n" \
327 " .section __ex_table,\"a\" \n" \
328 " " __UA_ADDR " 1b, 4b \n" \
329 " " __UA_ADDR " 2b, 4b \n" \
330 " .previous" \
331 : "=r" (__pu_err) \
332 : "0" (0), "r" (__pu_val), "r" (ptr), \
333 "i" (-EFAULT)); \
334 }
335
336 #define __put_kernel_nofault(dst, src, type, err_label) \
337 do { \
338 type __pu_val; \
339 int __pu_err = 0; \
340 \
341 __pu_val = *(__force type *)(src); \
342 switch (sizeof(type)) { \
343 case 1: \
344 __put_data_asm(kernel_sb, (type *)(dst)); \
345 break; \
346 case 2: \
347 __put_data_asm(kernel_sh, (type *)(dst)); \
348 break; \
349 case 4: \
350 __put_data_asm(kernel_sw, (type *)(dst)) \
351 break; \
352 case 8: \
353 __PUT_DW(kernel_sd, (type *)(dst)); \
354 break; \
355 default: \
356 BUILD_BUG(); \
357 break; \
358 } \
359 if (unlikely(__pu_err)) \
360 goto err_label; \
361 } while (0)
362
363
364 /*
365 * We're generating jump to subroutines which will be outside the range of
366 * jump instructions
367 */
368 #ifdef MODULE
369 #define __MODULE_JAL(destination) \
370 ".set\tnoat\n\t" \
371 __UA_LA "\t$1, " #destination "\n\t" \
372 "jalr\t$1\n\t" \
373 ".set\tat\n\t"
374 #else
375 #define __MODULE_JAL(destination) \
376 "jal\t" #destination "\n\t"
377 #endif
378
379 #if defined(CONFIG_CPU_DADDI_WORKAROUNDS) || (defined(CONFIG_EVA) && \
380 defined(CONFIG_CPU_HAS_PREFETCH))
381 #define DADDI_SCRATCH "$3"
382 #else
383 #define DADDI_SCRATCH "$0"
384 #endif
385
386 extern size_t __raw_copy_from_user(void *__to, const void *__from, size_t __n);
387 extern size_t __raw_copy_to_user(void *__to, const void *__from, size_t __n);
388
389 static inline unsigned long
raw_copy_from_user(void * to,const void __user * from,unsigned long n)390 raw_copy_from_user(void *to, const void __user *from, unsigned long n)
391 {
392 register void *__cu_to_r __asm__("$4");
393 register const void __user *__cu_from_r __asm__("$5");
394 register long __cu_len_r __asm__("$6");
395
396 __cu_to_r = to;
397 __cu_from_r = from;
398 __cu_len_r = n;
399
400 __asm__ __volatile__(
401 ".set\tnoreorder\n\t"
402 __MODULE_JAL(__raw_copy_from_user)
403 ".set\tnoat\n\t"
404 __UA_ADDU "\t$1, %1, %2\n\t"
405 ".set\tat\n\t"
406 ".set\treorder"
407 : "+r" (__cu_to_r), "+r" (__cu_from_r), "+r" (__cu_len_r)
408 :
409 : "$8", "$9", "$10", "$11", "$12", "$14", "$15", "$24", "$31",
410 DADDI_SCRATCH, "memory");
411
412 return __cu_len_r;
413 }
414
415 static inline unsigned long
raw_copy_to_user(void __user * to,const void * from,unsigned long n)416 raw_copy_to_user(void __user *to, const void *from, unsigned long n)
417 {
418 register void __user *__cu_to_r __asm__("$4");
419 register const void *__cu_from_r __asm__("$5");
420 register long __cu_len_r __asm__("$6");
421
422 __cu_to_r = (to);
423 __cu_from_r = (from);
424 __cu_len_r = (n);
425
426 __asm__ __volatile__(
427 __MODULE_JAL(__raw_copy_to_user)
428 : "+r" (__cu_to_r), "+r" (__cu_from_r), "+r" (__cu_len_r)
429 :
430 : "$8", "$9", "$10", "$11", "$12", "$14", "$15", "$24", "$31",
431 DADDI_SCRATCH, "memory");
432
433 return __cu_len_r;
434 }
435
436 #define INLINE_COPY_FROM_USER
437 #define INLINE_COPY_TO_USER
438
439 extern __kernel_size_t __bzero(void __user *addr, __kernel_size_t size);
440
441 /*
442 * __clear_user: - Zero a block of memory in user space, with less checking.
443 * @to: Destination address, in user space.
444 * @n: Number of bytes to zero.
445 *
446 * Zero a block of memory in user space. Caller must check
447 * the specified block with access_ok() before calling this function.
448 *
449 * Returns number of bytes that could not be cleared.
450 * On success, this will be zero.
451 */
452 static inline __kernel_size_t
__clear_user(void __user * addr,__kernel_size_t size)453 __clear_user(void __user *addr, __kernel_size_t size)
454 {
455 __kernel_size_t res;
456
457 #ifdef CONFIG_CPU_MICROMIPS
458 /* micromips memset / bzero also clobbers t7 & t8 */
459 #define bzero_clobbers "$4", "$5", "$6", __UA_t0, __UA_t1, "$15", "$24", "$31"
460 #else
461 #define bzero_clobbers "$4", "$5", "$6", __UA_t0, __UA_t1, "$31"
462 #endif /* CONFIG_CPU_MICROMIPS */
463
464 might_fault();
465 __asm__ __volatile__(
466 "move\t$4, %1\n\t"
467 "move\t$5, $0\n\t"
468 "move\t$6, %2\n\t"
469 __MODULE_JAL(__bzero)
470 "move\t%0, $6"
471 : "=r" (res)
472 : "r" (addr), "r" (size)
473 : bzero_clobbers);
474
475 return res;
476 }
477
478 #define clear_user(addr,n) \
479 ({ \
480 void __user * __cl_addr = (addr); \
481 unsigned long __cl_size = (n); \
482 if (__cl_size && access_ok(__cl_addr, __cl_size)) \
483 __cl_size = __clear_user(__cl_addr, __cl_size); \
484 __cl_size; \
485 })
486
487 extern long __strncpy_from_user_asm(char *__to, const char __user *__from, long __len);
488
489 /*
490 * strncpy_from_user: - Copy a NUL terminated string from userspace.
491 * @dst: Destination address, in kernel space. This buffer must be at
492 * least @count bytes long.
493 * @src: Source address, in user space.
494 * @count: Maximum number of bytes to copy, including the trailing NUL.
495 *
496 * Copies a NUL-terminated string from userspace to kernel space.
497 *
498 * On success, returns the length of the string (not including the trailing
499 * NUL).
500 *
501 * If access to userspace fails, returns -EFAULT (some data may have been
502 * copied).
503 *
504 * If @count is smaller than the length of the string, copies @count bytes
505 * and returns @count.
506 */
507 static inline long
strncpy_from_user(char * __to,const char __user * __from,long __len)508 strncpy_from_user(char *__to, const char __user *__from, long __len)
509 {
510 long res;
511
512 if (!access_ok(__from, __len))
513 return -EFAULT;
514
515 might_fault();
516 __asm__ __volatile__(
517 "move\t$4, %1\n\t"
518 "move\t$5, %2\n\t"
519 "move\t$6, %3\n\t"
520 __MODULE_JAL(__strncpy_from_user_asm)
521 "move\t%0, $2"
522 : "=r" (res)
523 : "r" (__to), "r" (__from), "r" (__len)
524 : "$2", "$3", "$4", "$5", "$6", __UA_t0, "$31", "memory");
525
526 return res;
527 }
528
529 extern long __strnlen_user_asm(const char __user *s, long n);
530
531 /*
532 * strnlen_user: - Get the size of a string in user space.
533 * @str: The string to measure.
534 *
535 * Context: User context only. This function may sleep if pagefaults are
536 * enabled.
537 *
538 * Get the size of a NUL-terminated string in user space.
539 *
540 * Returns the size of the string INCLUDING the terminating NUL.
541 * On exception, returns 0.
542 * If the string is too long, returns a value greater than @n.
543 */
strnlen_user(const char __user * s,long n)544 static inline long strnlen_user(const char __user *s, long n)
545 {
546 long res;
547
548 if (!access_ok(s, 1))
549 return 0;
550
551 might_fault();
552 __asm__ __volatile__(
553 "move\t$4, %1\n\t"
554 "move\t$5, %2\n\t"
555 __MODULE_JAL(__strnlen_user_asm)
556 "move\t%0, $2"
557 : "=r" (res)
558 : "r" (s), "r" (n)
559 : "$2", "$4", "$5", __UA_t0, "$31");
560
561 return res;
562 }
563
564 #endif /* _ASM_UACCESS_H */
565