1 /* 2 * include/asm-s390/uaccess.h 3 * 4 * S390 version 5 * Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation 6 * Author(s): Hartmut Penner (hp@de.ibm.com), 7 * Martin Schwidefsky (schwidefsky@de.ibm.com) 8 * 9 * Derived from "include/asm-i386/uaccess.h" 10 */ 11 #ifndef __S390_UACCESS_H 12 #define __S390_UACCESS_H 13 14 /* 15 * User space memory access functions 16 */ 17 #include <linux/sched.h> 18 #include <linux/errno.h> 19 20 #define VERIFY_READ 0 21 #define VERIFY_WRITE 1 22 23 24 /* 25 * The fs value determines whether argument validity checking should be 26 * performed or not. If get_fs() == USER_DS, checking is performed, with 27 * get_fs() == KERNEL_DS, checking is bypassed. 28 * 29 * For historical reasons, these macros are grossly misnamed. 30 */ 31 32 #define MAKE_MM_SEG(a) ((mm_segment_t) { (a) }) 33 34 35 #define KERNEL_DS MAKE_MM_SEG(0) 36 #define USER_DS MAKE_MM_SEG(1) 37 38 #define get_ds() (KERNEL_DS) 39 #define get_fs() (current->thread.mm_segment) 40 41 #define set_fs(x) \ 42 ({ \ 43 unsigned long __pto; \ 44 current->thread.mm_segment = (x); \ 45 __pto = current->thread.mm_segment.ar4 ? \ 46 S390_lowcore.user_asce : S390_lowcore.kernel_asce; \ 47 __ctl_load(__pto, 7, 7); \ 48 }) 49 50 #define segment_eq(a,b) ((a).ar4 == (b).ar4) 51 52 53 static inline int __access_ok(const void __user *addr, unsigned long size) 54 { 55 return 1; 56 } 57 #define access_ok(type,addr,size) __access_ok(addr,size) 58 59 /* 60 * The exception table consists of pairs of addresses: the first is the 61 * address of an instruction that is allowed to fault, and the second is 62 * the address at which the program should continue. No registers are 63 * modified, so it is entirely up to the continuation code to figure out 64 * what to do. 65 * 66 * All the routines below use bits of fixup code that are out of line 67 * with the main instruction path. This means when everything is well, 68 * we don't even have to jump over them. Further, they do not intrude 69 * on our cache or tlb entries. 70 */ 71 72 struct exception_table_entry 73 { 74 unsigned long insn, fixup; 75 }; 76 77 struct uaccess_ops { 78 size_t (*copy_from_user)(size_t, const void __user *, void *); 79 size_t (*copy_from_user_small)(size_t, const void __user *, void *); 80 size_t (*copy_to_user)(size_t, void __user *, const void *); 81 size_t (*copy_to_user_small)(size_t, void __user *, const void *); 82 size_t (*copy_in_user)(size_t, void __user *, const void __user *); 83 size_t (*clear_user)(size_t, void __user *); 84 size_t (*strnlen_user)(size_t, const char __user *); 85 size_t (*strncpy_from_user)(size_t, const char __user *, char *); 86 int (*futex_atomic_op)(int op, int __user *, int oparg, int *old); 87 int (*futex_atomic_cmpxchg)(int __user *, int old, int new); 88 }; 89 90 extern struct uaccess_ops uaccess; 91 extern struct uaccess_ops uaccess_std; 92 extern struct uaccess_ops uaccess_mvcos; 93 extern struct uaccess_ops uaccess_mvcos_switch; 94 extern struct uaccess_ops uaccess_pt; 95 96 extern int __handle_fault(unsigned long, unsigned long, int); 97 98 static inline int __put_user_fn(size_t size, void __user *ptr, void *x) 99 { 100 size = uaccess.copy_to_user_small(size, ptr, x); 101 return size ? -EFAULT : size; 102 } 103 104 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x) 105 { 106 size = uaccess.copy_from_user_small(size, ptr, x); 107 return size ? -EFAULT : size; 108 } 109 110 /* 111 * These are the main single-value transfer routines. They automatically 112 * use the right size if we just have the right pointer type. 113 */ 114 #define __put_user(x, ptr) \ 115 ({ \ 116 __typeof__(*(ptr)) __x = (x); \ 117 int __pu_err = -EFAULT; \ 118 __chk_user_ptr(ptr); \ 119 switch (sizeof (*(ptr))) { \ 120 case 1: \ 121 case 2: \ 122 case 4: \ 123 case 8: \ 124 __pu_err = __put_user_fn(sizeof (*(ptr)), \ 125 ptr, &__x); \ 126 break; \ 127 default: \ 128 __put_user_bad(); \ 129 break; \ 130 } \ 131 __pu_err; \ 132 }) 133 134 #define put_user(x, ptr) \ 135 ({ \ 136 might_fault(); \ 137 __put_user(x, ptr); \ 138 }) 139 140 141 extern int __put_user_bad(void) __attribute__((noreturn)); 142 143 #define __get_user(x, ptr) \ 144 ({ \ 145 int __gu_err = -EFAULT; \ 146 __chk_user_ptr(ptr); \ 147 switch (sizeof(*(ptr))) { \ 148 case 1: { \ 149 unsigned char __x; \ 150 __gu_err = __get_user_fn(sizeof (*(ptr)), \ 151 ptr, &__x); \ 152 (x) = *(__force __typeof__(*(ptr)) *) &__x; \ 153 break; \ 154 }; \ 155 case 2: { \ 156 unsigned short __x; \ 157 __gu_err = __get_user_fn(sizeof (*(ptr)), \ 158 ptr, &__x); \ 159 (x) = *(__force __typeof__(*(ptr)) *) &__x; \ 160 break; \ 161 }; \ 162 case 4: { \ 163 unsigned int __x; \ 164 __gu_err = __get_user_fn(sizeof (*(ptr)), \ 165 ptr, &__x); \ 166 (x) = *(__force __typeof__(*(ptr)) *) &__x; \ 167 break; \ 168 }; \ 169 case 8: { \ 170 unsigned long long __x; \ 171 __gu_err = __get_user_fn(sizeof (*(ptr)), \ 172 ptr, &__x); \ 173 (x) = *(__force __typeof__(*(ptr)) *) &__x; \ 174 break; \ 175 }; \ 176 default: \ 177 __get_user_bad(); \ 178 break; \ 179 } \ 180 __gu_err; \ 181 }) 182 183 #define get_user(x, ptr) \ 184 ({ \ 185 might_fault(); \ 186 __get_user(x, ptr); \ 187 }) 188 189 extern int __get_user_bad(void) __attribute__((noreturn)); 190 191 #define __put_user_unaligned __put_user 192 #define __get_user_unaligned __get_user 193 194 /** 195 * __copy_to_user: - Copy a block of data into user space, with less checking. 196 * @to: Destination address, in user space. 197 * @from: Source address, in kernel space. 198 * @n: Number of bytes to copy. 199 * 200 * Context: User context only. This function may sleep. 201 * 202 * Copy data from kernel space to user space. Caller must check 203 * the specified block with access_ok() before calling this function. 204 * 205 * Returns number of bytes that could not be copied. 206 * On success, this will be zero. 207 */ 208 static inline unsigned long __must_check 209 __copy_to_user(void __user *to, const void *from, unsigned long n) 210 { 211 if (__builtin_constant_p(n) && (n <= 256)) 212 return uaccess.copy_to_user_small(n, to, from); 213 else 214 return uaccess.copy_to_user(n, to, from); 215 } 216 217 #define __copy_to_user_inatomic __copy_to_user 218 #define __copy_from_user_inatomic __copy_from_user 219 220 /** 221 * copy_to_user: - Copy a block of data into user space. 222 * @to: Destination address, in user space. 223 * @from: Source address, in kernel space. 224 * @n: Number of bytes to copy. 225 * 226 * Context: User context only. This function may sleep. 227 * 228 * Copy data from kernel space to user space. 229 * 230 * Returns number of bytes that could not be copied. 231 * On success, this will be zero. 232 */ 233 static inline unsigned long __must_check 234 copy_to_user(void __user *to, const void *from, unsigned long n) 235 { 236 might_fault(); 237 if (access_ok(VERIFY_WRITE, to, n)) 238 n = __copy_to_user(to, from, n); 239 return n; 240 } 241 242 /** 243 * __copy_from_user: - Copy a block of data from user space, with less checking. 244 * @to: Destination address, in kernel space. 245 * @from: Source address, in user space. 246 * @n: Number of bytes to copy. 247 * 248 * Context: User context only. This function may sleep. 249 * 250 * Copy data from user space to kernel space. Caller must check 251 * the specified block with access_ok() before calling this function. 252 * 253 * Returns number of bytes that could not be copied. 254 * On success, this will be zero. 255 * 256 * If some data could not be copied, this function will pad the copied 257 * data to the requested size using zero bytes. 258 */ 259 static inline unsigned long __must_check 260 __copy_from_user(void *to, const void __user *from, unsigned long n) 261 { 262 if (__builtin_constant_p(n) && (n <= 256)) 263 return uaccess.copy_from_user_small(n, from, to); 264 else 265 return uaccess.copy_from_user(n, from, to); 266 } 267 268 extern void copy_from_user_overflow(void) 269 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS 270 __compiletime_warning("copy_from_user() buffer size is not provably correct") 271 #endif 272 ; 273 274 /** 275 * copy_from_user: - Copy a block of data from user space. 276 * @to: Destination address, in kernel space. 277 * @from: Source address, in user space. 278 * @n: Number of bytes to copy. 279 * 280 * Context: User context only. This function may sleep. 281 * 282 * Copy data from user space to kernel space. 283 * 284 * Returns number of bytes that could not be copied. 285 * On success, this will be zero. 286 * 287 * If some data could not be copied, this function will pad the copied 288 * data to the requested size using zero bytes. 289 */ 290 static inline unsigned long __must_check 291 copy_from_user(void *to, const void __user *from, unsigned long n) 292 { 293 unsigned int sz = __compiletime_object_size(to); 294 295 might_fault(); 296 if (unlikely(sz != -1 && sz < n)) { 297 copy_from_user_overflow(); 298 return n; 299 } 300 if (access_ok(VERIFY_READ, from, n)) 301 n = __copy_from_user(to, from, n); 302 else 303 memset(to, 0, n); 304 return n; 305 } 306 307 static inline unsigned long __must_check 308 __copy_in_user(void __user *to, const void __user *from, unsigned long n) 309 { 310 return uaccess.copy_in_user(n, to, from); 311 } 312 313 static inline unsigned long __must_check 314 copy_in_user(void __user *to, const void __user *from, unsigned long n) 315 { 316 might_fault(); 317 if (__access_ok(from,n) && __access_ok(to,n)) 318 n = __copy_in_user(to, from, n); 319 return n; 320 } 321 322 /* 323 * Copy a null terminated string from userspace. 324 */ 325 static inline long __must_check 326 strncpy_from_user(char *dst, const char __user *src, long count) 327 { 328 long res = -EFAULT; 329 might_fault(); 330 if (access_ok(VERIFY_READ, src, 1)) 331 res = uaccess.strncpy_from_user(count, src, dst); 332 return res; 333 } 334 335 static inline unsigned long 336 strnlen_user(const char __user * src, unsigned long n) 337 { 338 might_fault(); 339 return uaccess.strnlen_user(n, src); 340 } 341 342 /** 343 * strlen_user: - Get the size of a string in user space. 344 * @str: The string to measure. 345 * 346 * Context: User context only. This function may sleep. 347 * 348 * Get the size of a NUL-terminated string in user space. 349 * 350 * Returns the size of the string INCLUDING the terminating NUL. 351 * On exception, returns 0. 352 * 353 * If there is a limit on the length of a valid string, you may wish to 354 * consider using strnlen_user() instead. 355 */ 356 #define strlen_user(str) strnlen_user(str, ~0UL) 357 358 /* 359 * Zero Userspace 360 */ 361 362 static inline unsigned long __must_check 363 __clear_user(void __user *to, unsigned long n) 364 { 365 return uaccess.clear_user(n, to); 366 } 367 368 static inline unsigned long __must_check 369 clear_user(void __user *to, unsigned long n) 370 { 371 might_fault(); 372 if (access_ok(VERIFY_WRITE, to, n)) 373 n = uaccess.clear_user(n, to); 374 return n; 375 } 376 377 #endif /* __S390_UACCESS_H */ 378