xref: /openbmc/linux/arch/s390/include/asm/uaccess.h (revision e8e0929d) 
1 /*
2  *  include/asm-s390/uaccess.h
3  *
4  *  S390 version
5  *    Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
6  *    Author(s): Hartmut Penner (hp@de.ibm.com),
7  *               Martin Schwidefsky (schwidefsky@de.ibm.com)
8  *
9  *  Derived from "include/asm-i386/uaccess.h"
10  */
11 #ifndef __S390_UACCESS_H
12 #define __S390_UACCESS_H
13 
14 /*
15  * User space memory access functions
16  */
17 #include <linux/sched.h>
18 #include <linux/errno.h>
19 
20 #define VERIFY_READ     0
21 #define VERIFY_WRITE    1
22 
23 
24 /*
25  * The fs value determines whether argument validity checking should be
26  * performed or not.  If get_fs() == USER_DS, checking is performed, with
27  * get_fs() == KERNEL_DS, checking is bypassed.
28  *
29  * For historical reasons, these macros are grossly misnamed.
30  */
31 
32 #define MAKE_MM_SEG(a)  ((mm_segment_t) { (a) })
33 
34 
35 #define KERNEL_DS       MAKE_MM_SEG(0)
36 #define USER_DS         MAKE_MM_SEG(1)
37 
38 #define get_ds()        (KERNEL_DS)
39 #define get_fs()        (current->thread.mm_segment)
40 
41 #define set_fs(x) \
42 ({									\
43 	unsigned long __pto;						\
44 	current->thread.mm_segment = (x);				\
45 	__pto = current->thread.mm_segment.ar4 ?			\
46 		S390_lowcore.user_asce : S390_lowcore.kernel_asce;	\
47 	__ctl_load(__pto, 7, 7);					\
48 })
49 
50 #define segment_eq(a,b) ((a).ar4 == (b).ar4)
51 
52 
53 static inline int __access_ok(const void __user *addr, unsigned long size)
54 {
55 	return 1;
56 }
57 #define access_ok(type,addr,size) __access_ok(addr,size)
58 
59 /*
60  * The exception table consists of pairs of addresses: the first is the
61  * address of an instruction that is allowed to fault, and the second is
62  * the address at which the program should continue.  No registers are
63  * modified, so it is entirely up to the continuation code to figure out
64  * what to do.
65  *
66  * All the routines below use bits of fixup code that are out of line
67  * with the main instruction path.  This means when everything is well,
68  * we don't even have to jump over them.  Further, they do not intrude
69  * on our cache or tlb entries.
70  */
71 
72 struct exception_table_entry
73 {
74         unsigned long insn, fixup;
75 };
76 
77 struct uaccess_ops {
78 	size_t (*copy_from_user)(size_t, const void __user *, void *);
79 	size_t (*copy_from_user_small)(size_t, const void __user *, void *);
80 	size_t (*copy_to_user)(size_t, void __user *, const void *);
81 	size_t (*copy_to_user_small)(size_t, void __user *, const void *);
82 	size_t (*copy_in_user)(size_t, void __user *, const void __user *);
83 	size_t (*clear_user)(size_t, void __user *);
84 	size_t (*strnlen_user)(size_t, const char __user *);
85 	size_t (*strncpy_from_user)(size_t, const char __user *, char *);
86 	int (*futex_atomic_op)(int op, int __user *, int oparg, int *old);
87 	int (*futex_atomic_cmpxchg)(int __user *, int old, int new);
88 };
89 
90 extern struct uaccess_ops uaccess;
91 extern struct uaccess_ops uaccess_std;
92 extern struct uaccess_ops uaccess_mvcos;
93 extern struct uaccess_ops uaccess_mvcos_switch;
94 extern struct uaccess_ops uaccess_pt;
95 
96 static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
97 {
98 	size = uaccess.copy_to_user_small(size, ptr, x);
99 	return size ? -EFAULT : size;
100 }
101 
102 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
103 {
104 	size = uaccess.copy_from_user_small(size, ptr, x);
105 	return size ? -EFAULT : size;
106 }
107 
108 /*
109  * These are the main single-value transfer routines.  They automatically
110  * use the right size if we just have the right pointer type.
111  */
112 #define __put_user(x, ptr) \
113 ({								\
114 	__typeof__(*(ptr)) __x = (x);				\
115 	int __pu_err = -EFAULT;					\
116         __chk_user_ptr(ptr);                                    \
117 	switch (sizeof (*(ptr))) {				\
118 	case 1:							\
119 	case 2:							\
120 	case 4:							\
121 	case 8:							\
122 		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
123 					 ptr, &__x);		\
124 		break;						\
125 	default:						\
126 		__put_user_bad();				\
127 		break;						\
128 	 }							\
129 	__pu_err;						\
130 })
131 
132 #define put_user(x, ptr)					\
133 ({								\
134 	might_fault();						\
135 	__put_user(x, ptr);					\
136 })
137 
138 
139 extern int __put_user_bad(void) __attribute__((noreturn));
140 
141 #define __get_user(x, ptr)					\
142 ({								\
143 	int __gu_err = -EFAULT;					\
144 	__chk_user_ptr(ptr);					\
145 	switch (sizeof(*(ptr))) {				\
146 	case 1: {						\
147 		unsigned char __x;				\
148 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
149 					 ptr, &__x);		\
150 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
151 		break;						\
152 	};							\
153 	case 2: {						\
154 		unsigned short __x;				\
155 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
156 					 ptr, &__x);		\
157 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
158 		break;						\
159 	};							\
160 	case 4: {						\
161 		unsigned int __x;				\
162 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
163 					 ptr, &__x);		\
164 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
165 		break;						\
166 	};							\
167 	case 8: {						\
168 		unsigned long long __x;				\
169 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
170 					 ptr, &__x);		\
171 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
172 		break;						\
173 	};							\
174 	default:						\
175 		__get_user_bad();				\
176 		break;						\
177 	}							\
178 	__gu_err;						\
179 })
180 
181 #define get_user(x, ptr)					\
182 ({								\
183 	might_fault();						\
184 	__get_user(x, ptr);					\
185 })
186 
187 extern int __get_user_bad(void) __attribute__((noreturn));
188 
189 #define __put_user_unaligned __put_user
190 #define __get_user_unaligned __get_user
191 
192 /**
193  * __copy_to_user: - Copy a block of data into user space, with less checking.
194  * @to:   Destination address, in user space.
195  * @from: Source address, in kernel space.
196  * @n:    Number of bytes to copy.
197  *
198  * Context: User context only.  This function may sleep.
199  *
200  * Copy data from kernel space to user space.  Caller must check
201  * the specified block with access_ok() before calling this function.
202  *
203  * Returns number of bytes that could not be copied.
204  * On success, this will be zero.
205  */
206 static inline unsigned long __must_check
207 __copy_to_user(void __user *to, const void *from, unsigned long n)
208 {
209 	if (__builtin_constant_p(n) && (n <= 256))
210 		return uaccess.copy_to_user_small(n, to, from);
211 	else
212 		return uaccess.copy_to_user(n, to, from);
213 }
214 
215 #define __copy_to_user_inatomic __copy_to_user
216 #define __copy_from_user_inatomic __copy_from_user
217 
218 /**
219  * copy_to_user: - Copy a block of data into user space.
220  * @to:   Destination address, in user space.
221  * @from: Source address, in kernel space.
222  * @n:    Number of bytes to copy.
223  *
224  * Context: User context only.  This function may sleep.
225  *
226  * Copy data from kernel space to user space.
227  *
228  * Returns number of bytes that could not be copied.
229  * On success, this will be zero.
230  */
231 static inline unsigned long __must_check
232 copy_to_user(void __user *to, const void *from, unsigned long n)
233 {
234 	might_fault();
235 	if (access_ok(VERIFY_WRITE, to, n))
236 		n = __copy_to_user(to, from, n);
237 	return n;
238 }
239 
240 /**
241  * __copy_from_user: - Copy a block of data from user space, with less checking.
242  * @to:   Destination address, in kernel space.
243  * @from: Source address, in user space.
244  * @n:    Number of bytes to copy.
245  *
246  * Context: User context only.  This function may sleep.
247  *
248  * Copy data from user space to kernel space.  Caller must check
249  * the specified block with access_ok() before calling this function.
250  *
251  * Returns number of bytes that could not be copied.
252  * On success, this will be zero.
253  *
254  * If some data could not be copied, this function will pad the copied
255  * data to the requested size using zero bytes.
256  */
257 static inline unsigned long __must_check
258 __copy_from_user(void *to, const void __user *from, unsigned long n)
259 {
260 	if (__builtin_constant_p(n) && (n <= 256))
261 		return uaccess.copy_from_user_small(n, from, to);
262 	else
263 		return uaccess.copy_from_user(n, from, to);
264 }
265 
266 /**
267  * copy_from_user: - Copy a block of data from user space.
268  * @to:   Destination address, in kernel space.
269  * @from: Source address, in user space.
270  * @n:    Number of bytes to copy.
271  *
272  * Context: User context only.  This function may sleep.
273  *
274  * Copy data from user space to kernel space.
275  *
276  * Returns number of bytes that could not be copied.
277  * On success, this will be zero.
278  *
279  * If some data could not be copied, this function will pad the copied
280  * data to the requested size using zero bytes.
281  */
282 static inline unsigned long __must_check
283 copy_from_user(void *to, const void __user *from, unsigned long n)
284 {
285 	might_fault();
286 	if (access_ok(VERIFY_READ, from, n))
287 		n = __copy_from_user(to, from, n);
288 	else
289 		memset(to, 0, n);
290 	return n;
291 }
292 
293 static inline unsigned long __must_check
294 __copy_in_user(void __user *to, const void __user *from, unsigned long n)
295 {
296 	return uaccess.copy_in_user(n, to, from);
297 }
298 
299 static inline unsigned long __must_check
300 copy_in_user(void __user *to, const void __user *from, unsigned long n)
301 {
302 	might_fault();
303 	if (__access_ok(from,n) && __access_ok(to,n))
304 		n = __copy_in_user(to, from, n);
305 	return n;
306 }
307 
308 /*
309  * Copy a null terminated string from userspace.
310  */
311 static inline long __must_check
312 strncpy_from_user(char *dst, const char __user *src, long count)
313 {
314         long res = -EFAULT;
315 	might_fault();
316         if (access_ok(VERIFY_READ, src, 1))
317 		res = uaccess.strncpy_from_user(count, src, dst);
318         return res;
319 }
320 
321 static inline unsigned long
322 strnlen_user(const char __user * src, unsigned long n)
323 {
324 	might_fault();
325 	return uaccess.strnlen_user(n, src);
326 }
327 
328 /**
329  * strlen_user: - Get the size of a string in user space.
330  * @str: The string to measure.
331  *
332  * Context: User context only.  This function may sleep.
333  *
334  * Get the size of a NUL-terminated string in user space.
335  *
336  * Returns the size of the string INCLUDING the terminating NUL.
337  * On exception, returns 0.
338  *
339  * If there is a limit on the length of a valid string, you may wish to
340  * consider using strnlen_user() instead.
341  */
342 #define strlen_user(str) strnlen_user(str, ~0UL)
343 
344 /*
345  * Zero Userspace
346  */
347 
348 static inline unsigned long __must_check
349 __clear_user(void __user *to, unsigned long n)
350 {
351 	return uaccess.clear_user(n, to);
352 }
353 
354 static inline unsigned long __must_check
355 clear_user(void __user *to, unsigned long n)
356 {
357 	might_fault();
358 	if (access_ok(VERIFY_WRITE, to, n))
359 		n = uaccess.clear_user(n, to);
360 	return n;
361 }
362 
363 #endif /* __S390_UACCESS_H */
364