xref: /openbmc/linux/arch/s390/include/asm/uaccess.h (revision 63dc02bd) 
1 /*
2  *  include/asm-s390/uaccess.h
3  *
4  *  S390 version
5  *    Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
6  *    Author(s): Hartmut Penner (hp@de.ibm.com),
7  *               Martin Schwidefsky (schwidefsky@de.ibm.com)
8  *
9  *  Derived from "include/asm-i386/uaccess.h"
10  */
11 #ifndef __S390_UACCESS_H
12 #define __S390_UACCESS_H
13 
14 /*
15  * User space memory access functions
16  */
17 #include <linux/sched.h>
18 #include <linux/errno.h>
19 #include <asm/ctl_reg.h>
20 
21 #define VERIFY_READ     0
22 #define VERIFY_WRITE    1
23 
24 
25 /*
26  * The fs value determines whether argument validity checking should be
27  * performed or not.  If get_fs() == USER_DS, checking is performed, with
28  * get_fs() == KERNEL_DS, checking is bypassed.
29  *
30  * For historical reasons, these macros are grossly misnamed.
31  */
32 
33 #define MAKE_MM_SEG(a)  ((mm_segment_t) { (a) })
34 
35 
36 #define KERNEL_DS       MAKE_MM_SEG(0)
37 #define USER_DS         MAKE_MM_SEG(1)
38 
39 #define get_ds()        (KERNEL_DS)
40 #define get_fs()        (current->thread.mm_segment)
41 
42 #define set_fs(x) \
43 ({									\
44 	unsigned long __pto;						\
45 	current->thread.mm_segment = (x);				\
46 	__pto = current->thread.mm_segment.ar4 ?			\
47 		S390_lowcore.user_asce : S390_lowcore.kernel_asce;	\
48 	__ctl_load(__pto, 7, 7);					\
49 })
50 
51 #define segment_eq(a,b) ((a).ar4 == (b).ar4)
52 
53 #define __access_ok(addr, size)	\
54 ({				\
55 	__chk_user_ptr(addr);	\
56 	1;			\
57 })
58 
59 #define access_ok(type, addr, size) __access_ok(addr, size)
60 
61 /*
62  * The exception table consists of pairs of addresses: the first is the
63  * address of an instruction that is allowed to fault, and the second is
64  * the address at which the program should continue.  No registers are
65  * modified, so it is entirely up to the continuation code to figure out
66  * what to do.
67  *
68  * All the routines below use bits of fixup code that are out of line
69  * with the main instruction path.  This means when everything is well,
70  * we don't even have to jump over them.  Further, they do not intrude
71  * on our cache or tlb entries.
72  */
73 
74 struct exception_table_entry
75 {
76         unsigned long insn, fixup;
77 };
78 
79 struct uaccess_ops {
80 	size_t (*copy_from_user)(size_t, const void __user *, void *);
81 	size_t (*copy_from_user_small)(size_t, const void __user *, void *);
82 	size_t (*copy_to_user)(size_t, void __user *, const void *);
83 	size_t (*copy_to_user_small)(size_t, void __user *, const void *);
84 	size_t (*copy_in_user)(size_t, void __user *, const void __user *);
85 	size_t (*clear_user)(size_t, void __user *);
86 	size_t (*strnlen_user)(size_t, const char __user *);
87 	size_t (*strncpy_from_user)(size_t, const char __user *, char *);
88 	int (*futex_atomic_op)(int op, u32 __user *, int oparg, int *old);
89 	int (*futex_atomic_cmpxchg)(u32 *, u32 __user *, u32 old, u32 new);
90 };
91 
92 extern struct uaccess_ops uaccess;
93 extern struct uaccess_ops uaccess_std;
94 extern struct uaccess_ops uaccess_mvcos;
95 extern struct uaccess_ops uaccess_mvcos_switch;
96 extern struct uaccess_ops uaccess_pt;
97 
98 extern int __handle_fault(unsigned long, unsigned long, int);
99 
100 static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
101 {
102 	size = uaccess.copy_to_user_small(size, ptr, x);
103 	return size ? -EFAULT : size;
104 }
105 
106 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
107 {
108 	size = uaccess.copy_from_user_small(size, ptr, x);
109 	return size ? -EFAULT : size;
110 }
111 
112 /*
113  * These are the main single-value transfer routines.  They automatically
114  * use the right size if we just have the right pointer type.
115  */
116 #define __put_user(x, ptr) \
117 ({								\
118 	__typeof__(*(ptr)) __x = (x);				\
119 	int __pu_err = -EFAULT;					\
120         __chk_user_ptr(ptr);                                    \
121 	switch (sizeof (*(ptr))) {				\
122 	case 1:							\
123 	case 2:							\
124 	case 4:							\
125 	case 8:							\
126 		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
127 					 ptr, &__x);		\
128 		break;						\
129 	default:						\
130 		__put_user_bad();				\
131 		break;						\
132 	 }							\
133 	__pu_err;						\
134 })
135 
136 #define put_user(x, ptr)					\
137 ({								\
138 	might_fault();						\
139 	__put_user(x, ptr);					\
140 })
141 
142 
143 extern int __put_user_bad(void) __attribute__((noreturn));
144 
145 #define __get_user(x, ptr)					\
146 ({								\
147 	int __gu_err = -EFAULT;					\
148 	__chk_user_ptr(ptr);					\
149 	switch (sizeof(*(ptr))) {				\
150 	case 1: {						\
151 		unsigned char __x;				\
152 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
153 					 ptr, &__x);		\
154 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
155 		break;						\
156 	};							\
157 	case 2: {						\
158 		unsigned short __x;				\
159 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
160 					 ptr, &__x);		\
161 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
162 		break;						\
163 	};							\
164 	case 4: {						\
165 		unsigned int __x;				\
166 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
167 					 ptr, &__x);		\
168 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
169 		break;						\
170 	};							\
171 	case 8: {						\
172 		unsigned long long __x;				\
173 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
174 					 ptr, &__x);		\
175 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
176 		break;						\
177 	};							\
178 	default:						\
179 		__get_user_bad();				\
180 		break;						\
181 	}							\
182 	__gu_err;						\
183 })
184 
185 #define get_user(x, ptr)					\
186 ({								\
187 	might_fault();						\
188 	__get_user(x, ptr);					\
189 })
190 
191 extern int __get_user_bad(void) __attribute__((noreturn));
192 
193 #define __put_user_unaligned __put_user
194 #define __get_user_unaligned __get_user
195 
196 /**
197  * __copy_to_user: - Copy a block of data into user space, with less checking.
198  * @to:   Destination address, in user space.
199  * @from: Source address, in kernel space.
200  * @n:    Number of bytes to copy.
201  *
202  * Context: User context only.  This function may sleep.
203  *
204  * Copy data from kernel space to user space.  Caller must check
205  * the specified block with access_ok() before calling this function.
206  *
207  * Returns number of bytes that could not be copied.
208  * On success, this will be zero.
209  */
210 static inline unsigned long __must_check
211 __copy_to_user(void __user *to, const void *from, unsigned long n)
212 {
213 	if (__builtin_constant_p(n) && (n <= 256))
214 		return uaccess.copy_to_user_small(n, to, from);
215 	else
216 		return uaccess.copy_to_user(n, to, from);
217 }
218 
219 #define __copy_to_user_inatomic __copy_to_user
220 #define __copy_from_user_inatomic __copy_from_user
221 
222 /**
223  * copy_to_user: - Copy a block of data into user space.
224  * @to:   Destination address, in user space.
225  * @from: Source address, in kernel space.
226  * @n:    Number of bytes to copy.
227  *
228  * Context: User context only.  This function may sleep.
229  *
230  * Copy data from kernel space to user space.
231  *
232  * Returns number of bytes that could not be copied.
233  * On success, this will be zero.
234  */
235 static inline unsigned long __must_check
236 copy_to_user(void __user *to, const void *from, unsigned long n)
237 {
238 	might_fault();
239 	if (access_ok(VERIFY_WRITE, to, n))
240 		n = __copy_to_user(to, from, n);
241 	return n;
242 }
243 
244 /**
245  * __copy_from_user: - Copy a block of data from user space, with less checking.
246  * @to:   Destination address, in kernel space.
247  * @from: Source address, in user space.
248  * @n:    Number of bytes to copy.
249  *
250  * Context: User context only.  This function may sleep.
251  *
252  * Copy data from user space to kernel space.  Caller must check
253  * the specified block with access_ok() before calling this function.
254  *
255  * Returns number of bytes that could not be copied.
256  * On success, this will be zero.
257  *
258  * If some data could not be copied, this function will pad the copied
259  * data to the requested size using zero bytes.
260  */
261 static inline unsigned long __must_check
262 __copy_from_user(void *to, const void __user *from, unsigned long n)
263 {
264 	if (__builtin_constant_p(n) && (n <= 256))
265 		return uaccess.copy_from_user_small(n, from, to);
266 	else
267 		return uaccess.copy_from_user(n, from, to);
268 }
269 
270 extern void copy_from_user_overflow(void)
271 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
272 __compiletime_warning("copy_from_user() buffer size is not provably correct")
273 #endif
274 ;
275 
276 /**
277  * copy_from_user: - Copy a block of data from user space.
278  * @to:   Destination address, in kernel space.
279  * @from: Source address, in user space.
280  * @n:    Number of bytes to copy.
281  *
282  * Context: User context only.  This function may sleep.
283  *
284  * Copy data from user space to kernel space.
285  *
286  * Returns number of bytes that could not be copied.
287  * On success, this will be zero.
288  *
289  * If some data could not be copied, this function will pad the copied
290  * data to the requested size using zero bytes.
291  */
292 static inline unsigned long __must_check
293 copy_from_user(void *to, const void __user *from, unsigned long n)
294 {
295 	unsigned int sz = __compiletime_object_size(to);
296 
297 	might_fault();
298 	if (unlikely(sz != -1 && sz < n)) {
299 		copy_from_user_overflow();
300 		return n;
301 	}
302 	if (access_ok(VERIFY_READ, from, n))
303 		n = __copy_from_user(to, from, n);
304 	else
305 		memset(to, 0, n);
306 	return n;
307 }
308 
309 static inline unsigned long __must_check
310 __copy_in_user(void __user *to, const void __user *from, unsigned long n)
311 {
312 	return uaccess.copy_in_user(n, to, from);
313 }
314 
315 static inline unsigned long __must_check
316 copy_in_user(void __user *to, const void __user *from, unsigned long n)
317 {
318 	might_fault();
319 	if (__access_ok(from,n) && __access_ok(to,n))
320 		n = __copy_in_user(to, from, n);
321 	return n;
322 }
323 
324 /*
325  * Copy a null terminated string from userspace.
326  */
327 static inline long __must_check
328 strncpy_from_user(char *dst, const char __user *src, long count)
329 {
330         long res = -EFAULT;
331 	might_fault();
332         if (access_ok(VERIFY_READ, src, 1))
333 		res = uaccess.strncpy_from_user(count, src, dst);
334         return res;
335 }
336 
337 static inline unsigned long
338 strnlen_user(const char __user * src, unsigned long n)
339 {
340 	might_fault();
341 	return uaccess.strnlen_user(n, src);
342 }
343 
344 /**
345  * strlen_user: - Get the size of a string in user space.
346  * @str: The string to measure.
347  *
348  * Context: User context only.  This function may sleep.
349  *
350  * Get the size of a NUL-terminated string in user space.
351  *
352  * Returns the size of the string INCLUDING the terminating NUL.
353  * On exception, returns 0.
354  *
355  * If there is a limit on the length of a valid string, you may wish to
356  * consider using strnlen_user() instead.
357  */
358 #define strlen_user(str) strnlen_user(str, ~0UL)
359 
360 /*
361  * Zero Userspace
362  */
363 
364 static inline unsigned long __must_check
365 __clear_user(void __user *to, unsigned long n)
366 {
367 	return uaccess.clear_user(n, to);
368 }
369 
370 static inline unsigned long __must_check
371 clear_user(void __user *to, unsigned long n)
372 {
373 	might_fault();
374 	if (access_ok(VERIFY_WRITE, to, n))
375 		n = uaccess.clear_user(n, to);
376 	return n;
377 }
378 
379 extern int memcpy_real(void *, void *, size_t);
380 extern void copy_to_absolute_zero(void *dest, void *src, size_t count);
381 extern int copy_to_user_real(void __user *dest, void *src, size_t count);
382 extern int copy_from_user_real(void *dest, void __user *src, size_t count);
383 
384 #endif /* __S390_UACCESS_H */
385