xref: /openbmc/linux/arch/s390/include/asm/uaccess.h (revision 9344dade) 
1 /*
2  *  S390 version
3  *    Copyright IBM Corp. 1999, 2000
4  *    Author(s): Hartmut Penner (hp@de.ibm.com),
5  *               Martin Schwidefsky (schwidefsky@de.ibm.com)
6  *
7  *  Derived from "include/asm-i386/uaccess.h"
8  */
9 #ifndef __S390_UACCESS_H
10 #define __S390_UACCESS_H
11 
12 /*
13  * User space memory access functions
14  */
15 #include <linux/sched.h>
16 #include <linux/errno.h>
17 #include <asm/ctl_reg.h>
18 
19 #define VERIFY_READ     0
20 #define VERIFY_WRITE    1
21 
22 
23 /*
24  * The fs value determines whether argument validity checking should be
25  * performed or not.  If get_fs() == USER_DS, checking is performed, with
26  * get_fs() == KERNEL_DS, checking is bypassed.
27  *
28  * For historical reasons, these macros are grossly misnamed.
29  */
30 
31 #define MAKE_MM_SEG(a)  ((mm_segment_t) { (a) })
32 
33 
34 #define KERNEL_DS       MAKE_MM_SEG(0)
35 #define USER_DS         MAKE_MM_SEG(1)
36 
37 #define get_ds()        (KERNEL_DS)
38 #define get_fs()        (current->thread.mm_segment)
39 
40 #define set_fs(x) \
41 ({									\
42 	unsigned long __pto;						\
43 	current->thread.mm_segment = (x);				\
44 	__pto = current->thread.mm_segment.ar4 ?			\
45 		S390_lowcore.user_asce : S390_lowcore.kernel_asce;	\
46 	__ctl_load(__pto, 7, 7);					\
47 })
48 
49 #define segment_eq(a,b) ((a).ar4 == (b).ar4)
50 
51 static inline int __range_ok(unsigned long addr, unsigned long size)
52 {
53 	return 1;
54 }
55 
56 #define __access_ok(addr, size)				\
57 ({							\
58 	__chk_user_ptr(addr);				\
59 	__range_ok((unsigned long)(addr), (size));	\
60 })
61 
62 #define access_ok(type, addr, size) __access_ok(addr, size)
63 
64 /*
65  * The exception table consists of pairs of addresses: the first is the
66  * address of an instruction that is allowed to fault, and the second is
67  * the address at which the program should continue.  No registers are
68  * modified, so it is entirely up to the continuation code to figure out
69  * what to do.
70  *
71  * All the routines below use bits of fixup code that are out of line
72  * with the main instruction path.  This means when everything is well,
73  * we don't even have to jump over them.  Further, they do not intrude
74  * on our cache or tlb entries.
75  */
76 
77 struct exception_table_entry
78 {
79 	int insn, fixup;
80 };
81 
82 static inline unsigned long extable_insn(const struct exception_table_entry *x)
83 {
84 	return (unsigned long)&x->insn + x->insn;
85 }
86 
87 static inline unsigned long extable_fixup(const struct exception_table_entry *x)
88 {
89 	return (unsigned long)&x->fixup + x->fixup;
90 }
91 
92 #define ARCH_HAS_SORT_EXTABLE
93 #define ARCH_HAS_SEARCH_EXTABLE
94 
95 struct uaccess_ops {
96 	size_t (*copy_from_user)(size_t, const void __user *, void *);
97 	size_t (*copy_from_user_small)(size_t, const void __user *, void *);
98 	size_t (*copy_to_user)(size_t, void __user *, const void *);
99 	size_t (*copy_to_user_small)(size_t, void __user *, const void *);
100 	size_t (*copy_in_user)(size_t, void __user *, const void __user *);
101 	size_t (*clear_user)(size_t, void __user *);
102 	size_t (*strnlen_user)(size_t, const char __user *);
103 	size_t (*strncpy_from_user)(size_t, const char __user *, char *);
104 	int (*futex_atomic_op)(int op, u32 __user *, int oparg, int *old);
105 	int (*futex_atomic_cmpxchg)(u32 *, u32 __user *, u32 old, u32 new);
106 };
107 
108 extern struct uaccess_ops uaccess;
109 extern struct uaccess_ops uaccess_std;
110 extern struct uaccess_ops uaccess_mvcos;
111 extern struct uaccess_ops uaccess_mvcos_switch;
112 extern struct uaccess_ops uaccess_pt;
113 
114 extern int __handle_fault(unsigned long, unsigned long, int);
115 
116 static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
117 {
118 	size = uaccess.copy_to_user_small(size, ptr, x);
119 	return size ? -EFAULT : size;
120 }
121 
122 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
123 {
124 	size = uaccess.copy_from_user_small(size, ptr, x);
125 	return size ? -EFAULT : size;
126 }
127 
128 /*
129  * These are the main single-value transfer routines.  They automatically
130  * use the right size if we just have the right pointer type.
131  */
132 #define __put_user(x, ptr) \
133 ({								\
134 	__typeof__(*(ptr)) __x = (x);				\
135 	int __pu_err = -EFAULT;					\
136         __chk_user_ptr(ptr);                                    \
137 	switch (sizeof (*(ptr))) {				\
138 	case 1:							\
139 	case 2:							\
140 	case 4:							\
141 	case 8:							\
142 		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
143 					 ptr, &__x);		\
144 		break;						\
145 	default:						\
146 		__put_user_bad();				\
147 		break;						\
148 	 }							\
149 	__pu_err;						\
150 })
151 
152 #define put_user(x, ptr)					\
153 ({								\
154 	might_fault();						\
155 	__put_user(x, ptr);					\
156 })
157 
158 
159 extern int __put_user_bad(void) __attribute__((noreturn));
160 
161 #define __get_user(x, ptr)					\
162 ({								\
163 	int __gu_err = -EFAULT;					\
164 	__chk_user_ptr(ptr);					\
165 	switch (sizeof(*(ptr))) {				\
166 	case 1: {						\
167 		unsigned char __x;				\
168 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
169 					 ptr, &__x);		\
170 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
171 		break;						\
172 	};							\
173 	case 2: {						\
174 		unsigned short __x;				\
175 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
176 					 ptr, &__x);		\
177 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
178 		break;						\
179 	};							\
180 	case 4: {						\
181 		unsigned int __x;				\
182 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
183 					 ptr, &__x);		\
184 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
185 		break;						\
186 	};							\
187 	case 8: {						\
188 		unsigned long long __x;				\
189 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
190 					 ptr, &__x);		\
191 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
192 		break;						\
193 	};							\
194 	default:						\
195 		__get_user_bad();				\
196 		break;						\
197 	}							\
198 	__gu_err;						\
199 })
200 
201 #define get_user(x, ptr)					\
202 ({								\
203 	might_fault();						\
204 	__get_user(x, ptr);					\
205 })
206 
207 extern int __get_user_bad(void) __attribute__((noreturn));
208 
209 #define __put_user_unaligned __put_user
210 #define __get_user_unaligned __get_user
211 
212 /**
213  * __copy_to_user: - Copy a block of data into user space, with less checking.
214  * @to:   Destination address, in user space.
215  * @from: Source address, in kernel space.
216  * @n:    Number of bytes to copy.
217  *
218  * Context: User context only.  This function may sleep.
219  *
220  * Copy data from kernel space to user space.  Caller must check
221  * the specified block with access_ok() before calling this function.
222  *
223  * Returns number of bytes that could not be copied.
224  * On success, this will be zero.
225  */
226 static inline unsigned long __must_check
227 __copy_to_user(void __user *to, const void *from, unsigned long n)
228 {
229 	if (__builtin_constant_p(n) && (n <= 256))
230 		return uaccess.copy_to_user_small(n, to, from);
231 	else
232 		return uaccess.copy_to_user(n, to, from);
233 }
234 
235 #define __copy_to_user_inatomic __copy_to_user
236 #define __copy_from_user_inatomic __copy_from_user
237 
238 /**
239  * copy_to_user: - Copy a block of data into user space.
240  * @to:   Destination address, in user space.
241  * @from: Source address, in kernel space.
242  * @n:    Number of bytes to copy.
243  *
244  * Context: User context only.  This function may sleep.
245  *
246  * Copy data from kernel space to user space.
247  *
248  * Returns number of bytes that could not be copied.
249  * On success, this will be zero.
250  */
251 static inline unsigned long __must_check
252 copy_to_user(void __user *to, const void *from, unsigned long n)
253 {
254 	might_fault();
255 	return __copy_to_user(to, from, n);
256 }
257 
258 /**
259  * __copy_from_user: - Copy a block of data from user space, with less checking.
260  * @to:   Destination address, in kernel space.
261  * @from: Source address, in user space.
262  * @n:    Number of bytes to copy.
263  *
264  * Context: User context only.  This function may sleep.
265  *
266  * Copy data from user space to kernel space.  Caller must check
267  * the specified block with access_ok() before calling this function.
268  *
269  * Returns number of bytes that could not be copied.
270  * On success, this will be zero.
271  *
272  * If some data could not be copied, this function will pad the copied
273  * data to the requested size using zero bytes.
274  */
275 static inline unsigned long __must_check
276 __copy_from_user(void *to, const void __user *from, unsigned long n)
277 {
278 	if (__builtin_constant_p(n) && (n <= 256))
279 		return uaccess.copy_from_user_small(n, from, to);
280 	else
281 		return uaccess.copy_from_user(n, from, to);
282 }
283 
284 extern void copy_from_user_overflow(void)
285 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
286 __compiletime_warning("copy_from_user() buffer size is not provably correct")
287 #endif
288 ;
289 
290 /**
291  * copy_from_user: - Copy a block of data from user space.
292  * @to:   Destination address, in kernel space.
293  * @from: Source address, in user space.
294  * @n:    Number of bytes to copy.
295  *
296  * Context: User context only.  This function may sleep.
297  *
298  * Copy data from user space to kernel space.
299  *
300  * Returns number of bytes that could not be copied.
301  * On success, this will be zero.
302  *
303  * If some data could not be copied, this function will pad the copied
304  * data to the requested size using zero bytes.
305  */
306 static inline unsigned long __must_check
307 copy_from_user(void *to, const void __user *from, unsigned long n)
308 {
309 	unsigned int sz = __compiletime_object_size(to);
310 
311 	might_fault();
312 	if (unlikely(sz != -1 && sz < n)) {
313 		copy_from_user_overflow();
314 		return n;
315 	}
316 	return __copy_from_user(to, from, n);
317 }
318 
319 static inline unsigned long __must_check
320 __copy_in_user(void __user *to, const void __user *from, unsigned long n)
321 {
322 	return uaccess.copy_in_user(n, to, from);
323 }
324 
325 static inline unsigned long __must_check
326 copy_in_user(void __user *to, const void __user *from, unsigned long n)
327 {
328 	might_fault();
329 	return __copy_in_user(to, from, n);
330 }
331 
332 /*
333  * Copy a null terminated string from userspace.
334  */
335 static inline long __must_check
336 strncpy_from_user(char *dst, const char __user *src, long count)
337 {
338 	might_fault();
339 	return uaccess.strncpy_from_user(count, src, dst);
340 }
341 
342 static inline unsigned long
343 strnlen_user(const char __user * src, unsigned long n)
344 {
345 	might_fault();
346 	return uaccess.strnlen_user(n, src);
347 }
348 
349 /**
350  * strlen_user: - Get the size of a string in user space.
351  * @str: The string to measure.
352  *
353  * Context: User context only.  This function may sleep.
354  *
355  * Get the size of a NUL-terminated string in user space.
356  *
357  * Returns the size of the string INCLUDING the terminating NUL.
358  * On exception, returns 0.
359  *
360  * If there is a limit on the length of a valid string, you may wish to
361  * consider using strnlen_user() instead.
362  */
363 #define strlen_user(str) strnlen_user(str, ~0UL)
364 
365 /*
366  * Zero Userspace
367  */
368 
369 static inline unsigned long __must_check
370 __clear_user(void __user *to, unsigned long n)
371 {
372 	return uaccess.clear_user(n, to);
373 }
374 
375 static inline unsigned long __must_check
376 clear_user(void __user *to, unsigned long n)
377 {
378 	might_fault();
379 	return uaccess.clear_user(n, to);
380 }
381 
382 extern int copy_to_user_real(void __user *dest, void *src, size_t count);
383 extern int copy_from_user_real(void *dest, void __user *src, size_t count);
384 
385 #endif /* __S390_UACCESS_H */
386