xref: /openbmc/linux/arch/s390/include/asm/uaccess.h (revision 161f4089) 
1 /*
2  *  S390 version
3  *    Copyright IBM Corp. 1999, 2000
4  *    Author(s): Hartmut Penner (hp@de.ibm.com),
5  *               Martin Schwidefsky (schwidefsky@de.ibm.com)
6  *
7  *  Derived from "include/asm-i386/uaccess.h"
8  */
9 #ifndef __S390_UACCESS_H
10 #define __S390_UACCESS_H
11 
12 /*
13  * User space memory access functions
14  */
15 #include <linux/sched.h>
16 #include <linux/errno.h>
17 #include <asm/ctl_reg.h>
18 
19 #define VERIFY_READ     0
20 #define VERIFY_WRITE    1
21 
22 
23 /*
24  * The fs value determines whether argument validity checking should be
25  * performed or not.  If get_fs() == USER_DS, checking is performed, with
26  * get_fs() == KERNEL_DS, checking is bypassed.
27  *
28  * For historical reasons, these macros are grossly misnamed.
29  */
30 
31 #define MAKE_MM_SEG(a)  ((mm_segment_t) { (a) })
32 
33 
34 #define KERNEL_DS       MAKE_MM_SEG(0)
35 #define USER_DS         MAKE_MM_SEG(1)
36 
37 #define get_ds()        (KERNEL_DS)
38 #define get_fs()        (current->thread.mm_segment)
39 
40 #define set_fs(x) \
41 ({									\
42 	unsigned long __pto;						\
43 	current->thread.mm_segment = (x);				\
44 	__pto = current->thread.mm_segment.ar4 ?			\
45 		S390_lowcore.user_asce : S390_lowcore.kernel_asce;	\
46 	__ctl_load(__pto, 7, 7);					\
47 })
48 
49 #define segment_eq(a,b) ((a).ar4 == (b).ar4)
50 
51 static inline int __range_ok(unsigned long addr, unsigned long size)
52 {
53 	return 1;
54 }
55 
56 #define __access_ok(addr, size)				\
57 ({							\
58 	__chk_user_ptr(addr);				\
59 	__range_ok((unsigned long)(addr), (size));	\
60 })
61 
62 #define access_ok(type, addr, size) __access_ok(addr, size)
63 
64 /*
65  * The exception table consists of pairs of addresses: the first is the
66  * address of an instruction that is allowed to fault, and the second is
67  * the address at which the program should continue.  No registers are
68  * modified, so it is entirely up to the continuation code to figure out
69  * what to do.
70  *
71  * All the routines below use bits of fixup code that are out of line
72  * with the main instruction path.  This means when everything is well,
73  * we don't even have to jump over them.  Further, they do not intrude
74  * on our cache or tlb entries.
75  */
76 
77 struct exception_table_entry
78 {
79 	int insn, fixup;
80 };
81 
82 static inline unsigned long extable_insn(const struct exception_table_entry *x)
83 {
84 	return (unsigned long)&x->insn + x->insn;
85 }
86 
87 static inline unsigned long extable_fixup(const struct exception_table_entry *x)
88 {
89 	return (unsigned long)&x->fixup + x->fixup;
90 }
91 
92 #define ARCH_HAS_SORT_EXTABLE
93 #define ARCH_HAS_SEARCH_EXTABLE
94 
95 struct uaccess_ops {
96 	size_t (*copy_from_user)(size_t, const void __user *, void *);
97 	size_t (*copy_to_user)(size_t, void __user *, const void *);
98 	size_t (*copy_in_user)(size_t, void __user *, const void __user *);
99 	size_t (*clear_user)(size_t, void __user *);
100 	size_t (*strnlen_user)(size_t, const char __user *);
101 	size_t (*strncpy_from_user)(size_t, const char __user *, char *);
102 	int (*futex_atomic_op)(int op, u32 __user *, int oparg, int *old);
103 	int (*futex_atomic_cmpxchg)(u32 *, u32 __user *, u32 old, u32 new);
104 };
105 
106 extern struct uaccess_ops uaccess;
107 extern struct uaccess_ops uaccess_mvcos;
108 extern struct uaccess_ops uaccess_pt;
109 
110 extern int __handle_fault(unsigned long, unsigned long, int);
111 
112 static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
113 {
114 	size = uaccess.copy_to_user(size, ptr, x);
115 	return size ? -EFAULT : size;
116 }
117 
118 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
119 {
120 	size = uaccess.copy_from_user(size, ptr, x);
121 	return size ? -EFAULT : size;
122 }
123 
124 /*
125  * These are the main single-value transfer routines.  They automatically
126  * use the right size if we just have the right pointer type.
127  */
128 #define __put_user(x, ptr) \
129 ({								\
130 	__typeof__(*(ptr)) __x = (x);				\
131 	int __pu_err = -EFAULT;					\
132         __chk_user_ptr(ptr);                                    \
133 	switch (sizeof (*(ptr))) {				\
134 	case 1:							\
135 	case 2:							\
136 	case 4:							\
137 	case 8:							\
138 		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
139 					 ptr, &__x);		\
140 		break;						\
141 	default:						\
142 		__put_user_bad();				\
143 		break;						\
144 	 }							\
145 	__pu_err;						\
146 })
147 
148 #define put_user(x, ptr)					\
149 ({								\
150 	might_fault();						\
151 	__put_user(x, ptr);					\
152 })
153 
154 
155 extern int __put_user_bad(void) __attribute__((noreturn));
156 
157 #define __get_user(x, ptr)					\
158 ({								\
159 	int __gu_err = -EFAULT;					\
160 	__chk_user_ptr(ptr);					\
161 	switch (sizeof(*(ptr))) {				\
162 	case 1: {						\
163 		unsigned char __x;				\
164 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
165 					 ptr, &__x);		\
166 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
167 		break;						\
168 	};							\
169 	case 2: {						\
170 		unsigned short __x;				\
171 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
172 					 ptr, &__x);		\
173 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
174 		break;						\
175 	};							\
176 	case 4: {						\
177 		unsigned int __x;				\
178 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
179 					 ptr, &__x);		\
180 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
181 		break;						\
182 	};							\
183 	case 8: {						\
184 		unsigned long long __x;				\
185 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
186 					 ptr, &__x);		\
187 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
188 		break;						\
189 	};							\
190 	default:						\
191 		__get_user_bad();				\
192 		break;						\
193 	}							\
194 	__gu_err;						\
195 })
196 
197 #define get_user(x, ptr)					\
198 ({								\
199 	might_fault();						\
200 	__get_user(x, ptr);					\
201 })
202 
203 extern int __get_user_bad(void) __attribute__((noreturn));
204 
205 #define __put_user_unaligned __put_user
206 #define __get_user_unaligned __get_user
207 
208 /**
209  * __copy_to_user: - Copy a block of data into user space, with less checking.
210  * @to:   Destination address, in user space.
211  * @from: Source address, in kernel space.
212  * @n:    Number of bytes to copy.
213  *
214  * Context: User context only.  This function may sleep.
215  *
216  * Copy data from kernel space to user space.  Caller must check
217  * the specified block with access_ok() before calling this function.
218  *
219  * Returns number of bytes that could not be copied.
220  * On success, this will be zero.
221  */
222 static inline unsigned long __must_check
223 __copy_to_user(void __user *to, const void *from, unsigned long n)
224 {
225 	return uaccess.copy_to_user(n, to, from);
226 }
227 
228 #define __copy_to_user_inatomic __copy_to_user
229 #define __copy_from_user_inatomic __copy_from_user
230 
231 /**
232  * copy_to_user: - Copy a block of data into user space.
233  * @to:   Destination address, in user space.
234  * @from: Source address, in kernel space.
235  * @n:    Number of bytes to copy.
236  *
237  * Context: User context only.  This function may sleep.
238  *
239  * Copy data from kernel space to user space.
240  *
241  * Returns number of bytes that could not be copied.
242  * On success, this will be zero.
243  */
244 static inline unsigned long __must_check
245 copy_to_user(void __user *to, const void *from, unsigned long n)
246 {
247 	might_fault();
248 	return __copy_to_user(to, from, n);
249 }
250 
251 /**
252  * __copy_from_user: - Copy a block of data from user space, with less checking.
253  * @to:   Destination address, in kernel space.
254  * @from: Source address, in user space.
255  * @n:    Number of bytes to copy.
256  *
257  * Context: User context only.  This function may sleep.
258  *
259  * Copy data from user space to kernel space.  Caller must check
260  * the specified block with access_ok() before calling this function.
261  *
262  * Returns number of bytes that could not be copied.
263  * On success, this will be zero.
264  *
265  * If some data could not be copied, this function will pad the copied
266  * data to the requested size using zero bytes.
267  */
268 static inline unsigned long __must_check
269 __copy_from_user(void *to, const void __user *from, unsigned long n)
270 {
271 	return uaccess.copy_from_user(n, from, to);
272 }
273 
274 extern void copy_from_user_overflow(void)
275 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
276 __compiletime_warning("copy_from_user() buffer size is not provably correct")
277 #endif
278 ;
279 
280 /**
281  * copy_from_user: - Copy a block of data from user space.
282  * @to:   Destination address, in kernel space.
283  * @from: Source address, in user space.
284  * @n:    Number of bytes to copy.
285  *
286  * Context: User context only.  This function may sleep.
287  *
288  * Copy data from user space to kernel space.
289  *
290  * Returns number of bytes that could not be copied.
291  * On success, this will be zero.
292  *
293  * If some data could not be copied, this function will pad the copied
294  * data to the requested size using zero bytes.
295  */
296 static inline unsigned long __must_check
297 copy_from_user(void *to, const void __user *from, unsigned long n)
298 {
299 	unsigned int sz = __compiletime_object_size(to);
300 
301 	might_fault();
302 	if (unlikely(sz != -1 && sz < n)) {
303 		copy_from_user_overflow();
304 		return n;
305 	}
306 	return __copy_from_user(to, from, n);
307 }
308 
309 static inline unsigned long __must_check
310 __copy_in_user(void __user *to, const void __user *from, unsigned long n)
311 {
312 	return uaccess.copy_in_user(n, to, from);
313 }
314 
315 static inline unsigned long __must_check
316 copy_in_user(void __user *to, const void __user *from, unsigned long n)
317 {
318 	might_fault();
319 	return __copy_in_user(to, from, n);
320 }
321 
322 /*
323  * Copy a null terminated string from userspace.
324  */
325 static inline long __must_check
326 strncpy_from_user(char *dst, const char __user *src, long count)
327 {
328 	might_fault();
329 	return uaccess.strncpy_from_user(count, src, dst);
330 }
331 
332 static inline unsigned long
333 strnlen_user(const char __user * src, unsigned long n)
334 {
335 	might_fault();
336 	return uaccess.strnlen_user(n, src);
337 }
338 
339 /**
340  * strlen_user: - Get the size of a string in user space.
341  * @str: The string to measure.
342  *
343  * Context: User context only.  This function may sleep.
344  *
345  * Get the size of a NUL-terminated string in user space.
346  *
347  * Returns the size of the string INCLUDING the terminating NUL.
348  * On exception, returns 0.
349  *
350  * If there is a limit on the length of a valid string, you may wish to
351  * consider using strnlen_user() instead.
352  */
353 #define strlen_user(str) strnlen_user(str, ~0UL)
354 
355 /*
356  * Zero Userspace
357  */
358 
359 static inline unsigned long __must_check
360 __clear_user(void __user *to, unsigned long n)
361 {
362 	return uaccess.clear_user(n, to);
363 }
364 
365 static inline unsigned long __must_check
366 clear_user(void __user *to, unsigned long n)
367 {
368 	might_fault();
369 	return uaccess.clear_user(n, to);
370 }
371 
372 extern int copy_to_user_real(void __user *dest, void *src, size_t count);
373 extern int copy_from_user_real(void *dest, void __user *src, size_t count);
374 
375 #endif /* __S390_UACCESS_H */
376