1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  linux/lib/vsprintf.c
4  *
5  *  Copyright (C) 1991, 1992  Linus Torvalds
6  */
7 
8 /* vsprintf.c -- Lars Wirzenius & Linus Torvalds. */
9 /*
10  * Wirzenius wrote this portably, Torvalds fucked it up :-)
11  */
12 
13 /*
14  * Fri Jul 13 2001 Crutcher Dunnavant <crutcher+kernel@datastacks.com>
15  * - changed to provide snprintf and vsnprintf functions
16  * So Feb  1 16:51:32 CET 2004 Juergen Quade <quade@hsnr.de>
17  * - scnprintf and vscnprintf
18  */
19 
20 #include <linux/stdarg.h>
21 #include <linux/build_bug.h>
22 #include <linux/clk.h>
23 #include <linux/clk-provider.h>
24 #include <linux/errname.h>
25 #include <linux/module.h>	/* for KSYM_SYMBOL_LEN */
26 #include <linux/types.h>
27 #include <linux/string.h>
28 #include <linux/ctype.h>
29 #include <linux/kernel.h>
30 #include <linux/kallsyms.h>
31 #include <linux/math64.h>
32 #include <linux/uaccess.h>
33 #include <linux/ioport.h>
34 #include <linux/dcache.h>
35 #include <linux/cred.h>
36 #include <linux/rtc.h>
37 #include <linux/time.h>
38 #include <linux/uuid.h>
39 #include <linux/of.h>
40 #include <net/addrconf.h>
41 #include <linux/siphash.h>
42 #include <linux/compiler.h>
43 #include <linux/property.h>
44 #ifdef CONFIG_BLOCK
45 #include <linux/blkdev.h>
46 #endif
47 
48 #include "../mm/internal.h"	/* For the trace_print_flags arrays */
49 
50 #include <asm/page.h>		/* for PAGE_SIZE */
51 #include <asm/byteorder.h>	/* cpu_to_le16 */
52 #include <asm/unaligned.h>
53 
54 #include <linux/string_helpers.h>
55 #include "kstrtox.h"
56 
57 /* Disable pointer hashing if requested */
58 bool no_hash_pointers __ro_after_init;
59 EXPORT_SYMBOL_GPL(no_hash_pointers);
60 
simple_strntoull(const char * startp,size_t max_chars,char ** endp,unsigned int base)61 static noinline unsigned long long simple_strntoull(const char *startp, size_t max_chars, char **endp, unsigned int base)
62 {
63 	const char *cp;
64 	unsigned long long result = 0ULL;
65 	size_t prefix_chars;
66 	unsigned int rv;
67 
68 	cp = _parse_integer_fixup_radix(startp, &base);
69 	prefix_chars = cp - startp;
70 	if (prefix_chars < max_chars) {
71 		rv = _parse_integer_limit(cp, base, &result, max_chars - prefix_chars);
72 		/* FIXME */
73 		cp += (rv & ~KSTRTOX_OVERFLOW);
74 	} else {
75 		/* Field too short for prefix + digit, skip over without converting */
76 		cp = startp + max_chars;
77 	}
78 
79 	if (endp)
80 		*endp = (char *)cp;
81 
82 	return result;
83 }
84 
85 /**
86  * simple_strtoull - convert a string to an unsigned long long
87  * @cp: The start of the string
88  * @endp: A pointer to the end of the parsed string will be placed here
89  * @base: The number base to use
90  *
91  * This function has caveats. Please use kstrtoull instead.
92  */
93 noinline
simple_strtoull(const char * cp,char ** endp,unsigned int base)94 unsigned long long simple_strtoull(const char *cp, char **endp, unsigned int base)
95 {
96 	return simple_strntoull(cp, INT_MAX, endp, base);
97 }
98 EXPORT_SYMBOL(simple_strtoull);
99 
100 /**
101  * simple_strtoul - convert a string to an unsigned long
102  * @cp: The start of the string
103  * @endp: A pointer to the end of the parsed string will be placed here
104  * @base: The number base to use
105  *
106  * This function has caveats. Please use kstrtoul instead.
107  */
simple_strtoul(const char * cp,char ** endp,unsigned int base)108 unsigned long simple_strtoul(const char *cp, char **endp, unsigned int base)
109 {
110 	return simple_strtoull(cp, endp, base);
111 }
112 EXPORT_SYMBOL(simple_strtoul);
113 
114 /**
115  * simple_strtol - convert a string to a signed long
116  * @cp: The start of the string
117  * @endp: A pointer to the end of the parsed string will be placed here
118  * @base: The number base to use
119  *
120  * This function has caveats. Please use kstrtol instead.
121  */
simple_strtol(const char * cp,char ** endp,unsigned int base)122 long simple_strtol(const char *cp, char **endp, unsigned int base)
123 {
124 	if (*cp == '-')
125 		return -simple_strtoul(cp + 1, endp, base);
126 
127 	return simple_strtoul(cp, endp, base);
128 }
129 EXPORT_SYMBOL(simple_strtol);
130 
simple_strntoll(const char * cp,size_t max_chars,char ** endp,unsigned int base)131 static long long simple_strntoll(const char *cp, size_t max_chars, char **endp,
132 				 unsigned int base)
133 {
134 	/*
135 	 * simple_strntoull() safely handles receiving max_chars==0 in the
136 	 * case cp[0] == '-' && max_chars == 1.
137 	 * If max_chars == 0 we can drop through and pass it to simple_strntoull()
138 	 * and the content of *cp is irrelevant.
139 	 */
140 	if (*cp == '-' && max_chars > 0)
141 		return -simple_strntoull(cp + 1, max_chars - 1, endp, base);
142 
143 	return simple_strntoull(cp, max_chars, endp, base);
144 }
145 
146 /**
147  * simple_strtoll - convert a string to a signed long long
148  * @cp: The start of the string
149  * @endp: A pointer to the end of the parsed string will be placed here
150  * @base: The number base to use
151  *
152  * This function has caveats. Please use kstrtoll instead.
153  */
simple_strtoll(const char * cp,char ** endp,unsigned int base)154 long long simple_strtoll(const char *cp, char **endp, unsigned int base)
155 {
156 	return simple_strntoll(cp, INT_MAX, endp, base);
157 }
158 EXPORT_SYMBOL(simple_strtoll);
159 
160 static noinline_for_stack
skip_atoi(const char ** s)161 int skip_atoi(const char **s)
162 {
163 	int i = 0;
164 
165 	do {
166 		i = i*10 + *((*s)++) - '0';
167 	} while (isdigit(**s));
168 
169 	return i;
170 }
171 
172 /*
173  * Decimal conversion is by far the most typical, and is used for
174  * /proc and /sys data. This directly impacts e.g. top performance
175  * with many processes running. We optimize it for speed by emitting
176  * two characters at a time, using a 200 byte lookup table. This
177  * roughly halves the number of multiplications compared to computing
178  * the digits one at a time. Implementation strongly inspired by the
179  * previous version, which in turn used ideas described at
180  * <http://www.cs.uiowa.edu/~jones/bcd/divide.html> (with permission
181  * from the author, Douglas W. Jones).
182  *
183  * It turns out there is precisely one 26 bit fixed-point
184  * approximation a of 64/100 for which x/100 == (x * (u64)a) >> 32
185  * holds for all x in [0, 10^8-1], namely a = 0x28f5c29. The actual
186  * range happens to be somewhat larger (x <= 1073741898), but that's
187  * irrelevant for our purpose.
188  *
189  * For dividing a number in the range [10^4, 10^6-1] by 100, we still
190  * need a 32x32->64 bit multiply, so we simply use the same constant.
191  *
192  * For dividing a number in the range [100, 10^4-1] by 100, there are
193  * several options. The simplest is (x * 0x147b) >> 19, which is valid
194  * for all x <= 43698.
195  */
196 
197 static const u16 decpair[100] = {
198 #define _(x) (__force u16) cpu_to_le16(((x % 10) | ((x / 10) << 8)) + 0x3030)
199 	_( 0), _( 1), _( 2), _( 3), _( 4), _( 5), _( 6), _( 7), _( 8), _( 9),
200 	_(10), _(11), _(12), _(13), _(14), _(15), _(16), _(17), _(18), _(19),
201 	_(20), _(21), _(22), _(23), _(24), _(25), _(26), _(27), _(28), _(29),
202 	_(30), _(31), _(32), _(33), _(34), _(35), _(36), _(37), _(38), _(39),
203 	_(40), _(41), _(42), _(43), _(44), _(45), _(46), _(47), _(48), _(49),
204 	_(50), _(51), _(52), _(53), _(54), _(55), _(56), _(57), _(58), _(59),
205 	_(60), _(61), _(62), _(63), _(64), _(65), _(66), _(67), _(68), _(69),
206 	_(70), _(71), _(72), _(73), _(74), _(75), _(76), _(77), _(78), _(79),
207 	_(80), _(81), _(82), _(83), _(84), _(85), _(86), _(87), _(88), _(89),
208 	_(90), _(91), _(92), _(93), _(94), _(95), _(96), _(97), _(98), _(99),
209 #undef _
210 };
211 
212 /*
213  * This will print a single '0' even if r == 0, since we would
214  * immediately jump to out_r where two 0s would be written but only
215  * one of them accounted for in buf. This is needed by ip4_string
216  * below. All other callers pass a non-zero value of r.
217 */
218 static noinline_for_stack
put_dec_trunc8(char * buf,unsigned r)219 char *put_dec_trunc8(char *buf, unsigned r)
220 {
221 	unsigned q;
222 
223 	/* 1 <= r < 10^8 */
224 	if (r < 100)
225 		goto out_r;
226 
227 	/* 100 <= r < 10^8 */
228 	q = (r * (u64)0x28f5c29) >> 32;
229 	*((u16 *)buf) = decpair[r - 100*q];
230 	buf += 2;
231 
232 	/* 1 <= q < 10^6 */
233 	if (q < 100)
234 		goto out_q;
235 
236 	/*  100 <= q < 10^6 */
237 	r = (q * (u64)0x28f5c29) >> 32;
238 	*((u16 *)buf) = decpair[q - 100*r];
239 	buf += 2;
240 
241 	/* 1 <= r < 10^4 */
242 	if (r < 100)
243 		goto out_r;
244 
245 	/* 100 <= r < 10^4 */
246 	q = (r * 0x147b) >> 19;
247 	*((u16 *)buf) = decpair[r - 100*q];
248 	buf += 2;
249 out_q:
250 	/* 1 <= q < 100 */
251 	r = q;
252 out_r:
253 	/* 1 <= r < 100 */
254 	*((u16 *)buf) = decpair[r];
255 	buf += r < 10 ? 1 : 2;
256 	return buf;
257 }
258 
259 #if BITS_PER_LONG == 64 && BITS_PER_LONG_LONG == 64
260 static noinline_for_stack
put_dec_full8(char * buf,unsigned r)261 char *put_dec_full8(char *buf, unsigned r)
262 {
263 	unsigned q;
264 
265 	/* 0 <= r < 10^8 */
266 	q = (r * (u64)0x28f5c29) >> 32;
267 	*((u16 *)buf) = decpair[r - 100*q];
268 	buf += 2;
269 
270 	/* 0 <= q < 10^6 */
271 	r = (q * (u64)0x28f5c29) >> 32;
272 	*((u16 *)buf) = decpair[q - 100*r];
273 	buf += 2;
274 
275 	/* 0 <= r < 10^4 */
276 	q = (r * 0x147b) >> 19;
277 	*((u16 *)buf) = decpair[r - 100*q];
278 	buf += 2;
279 
280 	/* 0 <= q < 100 */
281 	*((u16 *)buf) = decpair[q];
282 	buf += 2;
283 	return buf;
284 }
285 
286 static noinline_for_stack
put_dec(char * buf,unsigned long long n)287 char *put_dec(char *buf, unsigned long long n)
288 {
289 	if (n >= 100*1000*1000)
290 		buf = put_dec_full8(buf, do_div(n, 100*1000*1000));
291 	/* 1 <= n <= 1.6e11 */
292 	if (n >= 100*1000*1000)
293 		buf = put_dec_full8(buf, do_div(n, 100*1000*1000));
294 	/* 1 <= n < 1e8 */
295 	return put_dec_trunc8(buf, n);
296 }
297 
298 #elif BITS_PER_LONG == 32 && BITS_PER_LONG_LONG == 64
299 
300 static void
put_dec_full4(char * buf,unsigned r)301 put_dec_full4(char *buf, unsigned r)
302 {
303 	unsigned q;
304 
305 	/* 0 <= r < 10^4 */
306 	q = (r * 0x147b) >> 19;
307 	*((u16 *)buf) = decpair[r - 100*q];
308 	buf += 2;
309 	/* 0 <= q < 100 */
310 	*((u16 *)buf) = decpair[q];
311 }
312 
313 /*
314  * Call put_dec_full4 on x % 10000, return x / 10000.
315  * The approximation x/10000 == (x * 0x346DC5D7) >> 43
316  * holds for all x < 1,128,869,999.  The largest value this
317  * helper will ever be asked to convert is 1,125,520,955.
318  * (second call in the put_dec code, assuming n is all-ones).
319  */
320 static noinline_for_stack
put_dec_helper4(char * buf,unsigned x)321 unsigned put_dec_helper4(char *buf, unsigned x)
322 {
323         uint32_t q = (x * (uint64_t)0x346DC5D7) >> 43;
324 
325         put_dec_full4(buf, x - q * 10000);
326         return q;
327 }
328 
329 /* Based on code by Douglas W. Jones found at
330  * <http://www.cs.uiowa.edu/~jones/bcd/decimal.html#sixtyfour>
331  * (with permission from the author).
332  * Performs no 64-bit division and hence should be fast on 32-bit machines.
333  */
334 static
put_dec(char * buf,unsigned long long n)335 char *put_dec(char *buf, unsigned long long n)
336 {
337 	uint32_t d3, d2, d1, q, h;
338 
339 	if (n < 100*1000*1000)
340 		return put_dec_trunc8(buf, n);
341 
342 	d1  = ((uint32_t)n >> 16); /* implicit "& 0xffff" */
343 	h   = (n >> 32);
344 	d2  = (h      ) & 0xffff;
345 	d3  = (h >> 16); /* implicit "& 0xffff" */
346 
347 	/* n = 2^48 d3 + 2^32 d2 + 2^16 d1 + d0
348 	     = 281_4749_7671_0656 d3 + 42_9496_7296 d2 + 6_5536 d1 + d0 */
349 	q   = 656 * d3 + 7296 * d2 + 5536 * d1 + ((uint32_t)n & 0xffff);
350 	q = put_dec_helper4(buf, q);
351 
352 	q += 7671 * d3 + 9496 * d2 + 6 * d1;
353 	q = put_dec_helper4(buf+4, q);
354 
355 	q += 4749 * d3 + 42 * d2;
356 	q = put_dec_helper4(buf+8, q);
357 
358 	q += 281 * d3;
359 	buf += 12;
360 	if (q)
361 		buf = put_dec_trunc8(buf, q);
362 	else while (buf[-1] == '0')
363 		--buf;
364 
365 	return buf;
366 }
367 
368 #endif
369 
370 /*
371  * Convert passed number to decimal string.
372  * Returns the length of string.  On buffer overflow, returns 0.
373  *
374  * If speed is not important, use snprintf(). It's easy to read the code.
375  */
num_to_str(char * buf,int size,unsigned long long num,unsigned int width)376 int num_to_str(char *buf, int size, unsigned long long num, unsigned int width)
377 {
378 	/* put_dec requires 2-byte alignment of the buffer. */
379 	char tmp[sizeof(num) * 3] __aligned(2);
380 	int idx, len;
381 
382 	/* put_dec() may work incorrectly for num = 0 (generate "", not "0") */
383 	if (num <= 9) {
384 		tmp[0] = '0' + num;
385 		len = 1;
386 	} else {
387 		len = put_dec(tmp, num) - tmp;
388 	}
389 
390 	if (len > size || width > size)
391 		return 0;
392 
393 	if (width > len) {
394 		width = width - len;
395 		for (idx = 0; idx < width; idx++)
396 			buf[idx] = ' ';
397 	} else {
398 		width = 0;
399 	}
400 
401 	for (idx = 0; idx < len; ++idx)
402 		buf[idx + width] = tmp[len - idx - 1];
403 
404 	return len + width;
405 }
406 
407 #define SIGN	1		/* unsigned/signed, must be 1 */
408 #define LEFT	2		/* left justified */
409 #define PLUS	4		/* show plus */
410 #define SPACE	8		/* space if plus */
411 #define ZEROPAD	16		/* pad with zero, must be 16 == '0' - ' ' */
412 #define SMALL	32		/* use lowercase in hex (must be 32 == 0x20) */
413 #define SPECIAL	64		/* prefix hex with "0x", octal with "0" */
414 
415 static_assert(SIGN == 1);
416 static_assert(ZEROPAD == ('0' - ' '));
417 static_assert(SMALL == ('a' ^ 'A'));
418 
419 enum format_type {
420 	FORMAT_TYPE_NONE, /* Just a string part */
421 	FORMAT_TYPE_WIDTH,
422 	FORMAT_TYPE_PRECISION,
423 	FORMAT_TYPE_CHAR,
424 	FORMAT_TYPE_STR,
425 	FORMAT_TYPE_PTR,
426 	FORMAT_TYPE_PERCENT_CHAR,
427 	FORMAT_TYPE_INVALID,
428 	FORMAT_TYPE_LONG_LONG,
429 	FORMAT_TYPE_ULONG,
430 	FORMAT_TYPE_LONG,
431 	FORMAT_TYPE_UBYTE,
432 	FORMAT_TYPE_BYTE,
433 	FORMAT_TYPE_USHORT,
434 	FORMAT_TYPE_SHORT,
435 	FORMAT_TYPE_UINT,
436 	FORMAT_TYPE_INT,
437 	FORMAT_TYPE_SIZE_T,
438 	FORMAT_TYPE_PTRDIFF
439 };
440 
441 struct printf_spec {
442 	unsigned int	type:8;		/* format_type enum */
443 	signed int	field_width:24;	/* width of output field */
444 	unsigned int	flags:8;	/* flags to number() */
445 	unsigned int	base:8;		/* number base, 8, 10 or 16 only */
446 	signed int	precision:16;	/* # of digits/chars */
447 } __packed;
448 static_assert(sizeof(struct printf_spec) == 8);
449 
450 #define FIELD_WIDTH_MAX ((1 << 23) - 1)
451 #define PRECISION_MAX ((1 << 15) - 1)
452 
453 static noinline_for_stack
number(char * buf,char * end,unsigned long long num,struct printf_spec spec)454 char *number(char *buf, char *end, unsigned long long num,
455 	     struct printf_spec spec)
456 {
457 	/* put_dec requires 2-byte alignment of the buffer. */
458 	char tmp[3 * sizeof(num)] __aligned(2);
459 	char sign;
460 	char locase;
461 	int need_pfx = ((spec.flags & SPECIAL) && spec.base != 10);
462 	int i;
463 	bool is_zero = num == 0LL;
464 	int field_width = spec.field_width;
465 	int precision = spec.precision;
466 
467 	/* locase = 0 or 0x20. ORing digits or letters with 'locase'
468 	 * produces same digits or (maybe lowercased) letters */
469 	locase = (spec.flags & SMALL);
470 	if (spec.flags & LEFT)
471 		spec.flags &= ~ZEROPAD;
472 	sign = 0;
473 	if (spec.flags & SIGN) {
474 		if ((signed long long)num < 0) {
475 			sign = '-';
476 			num = -(signed long long)num;
477 			field_width--;
478 		} else if (spec.flags & PLUS) {
479 			sign = '+';
480 			field_width--;
481 		} else if (spec.flags & SPACE) {
482 			sign = ' ';
483 			field_width--;
484 		}
485 	}
486 	if (need_pfx) {
487 		if (spec.base == 16)
488 			field_width -= 2;
489 		else if (!is_zero)
490 			field_width--;
491 	}
492 
493 	/* generate full string in tmp[], in reverse order */
494 	i = 0;
495 	if (num < spec.base)
496 		tmp[i++] = hex_asc_upper[num] | locase;
497 	else if (spec.base != 10) { /* 8 or 16 */
498 		int mask = spec.base - 1;
499 		int shift = 3;
500 
501 		if (spec.base == 16)
502 			shift = 4;
503 		do {
504 			tmp[i++] = (hex_asc_upper[((unsigned char)num) & mask] | locase);
505 			num >>= shift;
506 		} while (num);
507 	} else { /* base 10 */
508 		i = put_dec(tmp, num) - tmp;
509 	}
510 
511 	/* printing 100 using %2d gives "100", not "00" */
512 	if (i > precision)
513 		precision = i;
514 	/* leading space padding */
515 	field_width -= precision;
516 	if (!(spec.flags & (ZEROPAD | LEFT))) {
517 		while (--field_width >= 0) {
518 			if (buf < end)
519 				*buf = ' ';
520 			++buf;
521 		}
522 	}
523 	/* sign */
524 	if (sign) {
525 		if (buf < end)
526 			*buf = sign;
527 		++buf;
528 	}
529 	/* "0x" / "0" prefix */
530 	if (need_pfx) {
531 		if (spec.base == 16 || !is_zero) {
532 			if (buf < end)
533 				*buf = '0';
534 			++buf;
535 		}
536 		if (spec.base == 16) {
537 			if (buf < end)
538 				*buf = ('X' | locase);
539 			++buf;
540 		}
541 	}
542 	/* zero or space padding */
543 	if (!(spec.flags & LEFT)) {
544 		char c = ' ' + (spec.flags & ZEROPAD);
545 
546 		while (--field_width >= 0) {
547 			if (buf < end)
548 				*buf = c;
549 			++buf;
550 		}
551 	}
552 	/* hmm even more zero padding? */
553 	while (i <= --precision) {
554 		if (buf < end)
555 			*buf = '0';
556 		++buf;
557 	}
558 	/* actual digits of result */
559 	while (--i >= 0) {
560 		if (buf < end)
561 			*buf = tmp[i];
562 		++buf;
563 	}
564 	/* trailing space padding */
565 	while (--field_width >= 0) {
566 		if (buf < end)
567 			*buf = ' ';
568 		++buf;
569 	}
570 
571 	return buf;
572 }
573 
574 static noinline_for_stack
special_hex_number(char * buf,char * end,unsigned long long num,int size)575 char *special_hex_number(char *buf, char *end, unsigned long long num, int size)
576 {
577 	struct printf_spec spec;
578 
579 	spec.type = FORMAT_TYPE_PTR;
580 	spec.field_width = 2 + 2 * size;	/* 0x + hex */
581 	spec.flags = SPECIAL | SMALL | ZEROPAD;
582 	spec.base = 16;
583 	spec.precision = -1;
584 
585 	return number(buf, end, num, spec);
586 }
587 
move_right(char * buf,char * end,unsigned len,unsigned spaces)588 static void move_right(char *buf, char *end, unsigned len, unsigned spaces)
589 {
590 	size_t size;
591 	if (buf >= end)	/* nowhere to put anything */
592 		return;
593 	size = end - buf;
594 	if (size <= spaces) {
595 		memset(buf, ' ', size);
596 		return;
597 	}
598 	if (len) {
599 		if (len > size - spaces)
600 			len = size - spaces;
601 		memmove(buf + spaces, buf, len);
602 	}
603 	memset(buf, ' ', spaces);
604 }
605 
606 /*
607  * Handle field width padding for a string.
608  * @buf: current buffer position
609  * @n: length of string
610  * @end: end of output buffer
611  * @spec: for field width and flags
612  * Returns: new buffer position after padding.
613  */
614 static noinline_for_stack
widen_string(char * buf,int n,char * end,struct printf_spec spec)615 char *widen_string(char *buf, int n, char *end, struct printf_spec spec)
616 {
617 	unsigned spaces;
618 
619 	if (likely(n >= spec.field_width))
620 		return buf;
621 	/* we want to pad the sucker */
622 	spaces = spec.field_width - n;
623 	if (!(spec.flags & LEFT)) {
624 		move_right(buf - n, end, n, spaces);
625 		return buf + spaces;
626 	}
627 	while (spaces--) {
628 		if (buf < end)
629 			*buf = ' ';
630 		++buf;
631 	}
632 	return buf;
633 }
634 
635 /* Handle string from a well known address. */
string_nocheck(char * buf,char * end,const char * s,struct printf_spec spec)636 static char *string_nocheck(char *buf, char *end, const char *s,
637 			    struct printf_spec spec)
638 {
639 	int len = 0;
640 	int lim = spec.precision;
641 
642 	while (lim--) {
643 		char c = *s++;
644 		if (!c)
645 			break;
646 		if (buf < end)
647 			*buf = c;
648 		++buf;
649 		++len;
650 	}
651 	return widen_string(buf, len, end, spec);
652 }
653 
err_ptr(char * buf,char * end,void * ptr,struct printf_spec spec)654 static char *err_ptr(char *buf, char *end, void *ptr,
655 		     struct printf_spec spec)
656 {
657 	int err = PTR_ERR(ptr);
658 	const char *sym = errname(err);
659 
660 	if (sym)
661 		return string_nocheck(buf, end, sym, spec);
662 
663 	/*
664 	 * Somebody passed ERR_PTR(-1234) or some other non-existing
665 	 * Efoo - or perhaps CONFIG_SYMBOLIC_ERRNAME=n. Fall back to
666 	 * printing it as its decimal representation.
667 	 */
668 	spec.flags |= SIGN;
669 	spec.base = 10;
670 	return number(buf, end, err, spec);
671 }
672 
673 /* Be careful: error messages must fit into the given buffer. */
error_string(char * buf,char * end,const char * s,struct printf_spec spec)674 static char *error_string(char *buf, char *end, const char *s,
675 			  struct printf_spec spec)
676 {
677 	/*
678 	 * Hard limit to avoid a completely insane messages. It actually
679 	 * works pretty well because most error messages are in
680 	 * the many pointer format modifiers.
681 	 */
682 	if (spec.precision == -1)
683 		spec.precision = 2 * sizeof(void *);
684 
685 	return string_nocheck(buf, end, s, spec);
686 }
687 
688 /*
689  * Do not call any complex external code here. Nested printk()/vsprintf()
690  * might cause infinite loops. Failures might break printk() and would
691  * be hard to debug.
692  */
check_pointer_msg(const void * ptr)693 static const char *check_pointer_msg(const void *ptr)
694 {
695 	if (!ptr)
696 		return "(null)";
697 
698 	if ((unsigned long)ptr < PAGE_SIZE || IS_ERR_VALUE(ptr))
699 		return "(efault)";
700 
701 	return NULL;
702 }
703 
check_pointer(char ** buf,char * end,const void * ptr,struct printf_spec spec)704 static int check_pointer(char **buf, char *end, const void *ptr,
705 			 struct printf_spec spec)
706 {
707 	const char *err_msg;
708 
709 	err_msg = check_pointer_msg(ptr);
710 	if (err_msg) {
711 		*buf = error_string(*buf, end, err_msg, spec);
712 		return -EFAULT;
713 	}
714 
715 	return 0;
716 }
717 
718 static noinline_for_stack
string(char * buf,char * end,const char * s,struct printf_spec spec)719 char *string(char *buf, char *end, const char *s,
720 	     struct printf_spec spec)
721 {
722 	if (check_pointer(&buf, end, s, spec))
723 		return buf;
724 
725 	return string_nocheck(buf, end, s, spec);
726 }
727 
pointer_string(char * buf,char * end,const void * ptr,struct printf_spec spec)728 static char *pointer_string(char *buf, char *end,
729 			    const void *ptr,
730 			    struct printf_spec spec)
731 {
732 	spec.base = 16;
733 	spec.flags |= SMALL;
734 	if (spec.field_width == -1) {
735 		spec.field_width = 2 * sizeof(ptr);
736 		spec.flags |= ZEROPAD;
737 	}
738 
739 	return number(buf, end, (unsigned long int)ptr, spec);
740 }
741 
742 /* Make pointers available for printing early in the boot sequence. */
743 static int debug_boot_weak_hash __ro_after_init;
744 
debug_boot_weak_hash_enable(char * str)745 static int __init debug_boot_weak_hash_enable(char *str)
746 {
747 	debug_boot_weak_hash = 1;
748 	pr_info("debug_boot_weak_hash enabled\n");
749 	return 0;
750 }
751 early_param("debug_boot_weak_hash", debug_boot_weak_hash_enable);
752 
753 static bool filled_random_ptr_key __read_mostly;
754 static siphash_key_t ptr_key __read_mostly;
755 static void fill_ptr_key_workfn(struct work_struct *work);
756 static DECLARE_DELAYED_WORK(fill_ptr_key_work, fill_ptr_key_workfn);
757 
fill_ptr_key_workfn(struct work_struct * work)758 static void fill_ptr_key_workfn(struct work_struct *work)
759 {
760 	if (!rng_is_initialized()) {
761 		queue_delayed_work(system_unbound_wq, &fill_ptr_key_work, HZ  * 2);
762 		return;
763 	}
764 
765 	get_random_bytes(&ptr_key, sizeof(ptr_key));
766 
767 	/* Pairs with smp_rmb() before reading ptr_key. */
768 	smp_wmb();
769 	WRITE_ONCE(filled_random_ptr_key, true);
770 }
771 
vsprintf_init_hashval(void)772 static int __init vsprintf_init_hashval(void)
773 {
774 	fill_ptr_key_workfn(NULL);
775 	return 0;
776 }
subsys_initcall(vsprintf_init_hashval)777 subsys_initcall(vsprintf_init_hashval)
778 
779 /* Maps a pointer to a 32 bit unique identifier. */
780 static inline int __ptr_to_hashval(const void *ptr, unsigned long *hashval_out)
781 {
782 	unsigned long hashval;
783 
784 	if (!READ_ONCE(filled_random_ptr_key))
785 		return -EBUSY;
786 
787 	/* Pairs with smp_wmb() after writing ptr_key. */
788 	smp_rmb();
789 
790 #ifdef CONFIG_64BIT
791 	hashval = (unsigned long)siphash_1u64((u64)ptr, &ptr_key);
792 	/*
793 	 * Mask off the first 32 bits, this makes explicit that we have
794 	 * modified the address (and 32 bits is plenty for a unique ID).
795 	 */
796 	hashval = hashval & 0xffffffff;
797 #else
798 	hashval = (unsigned long)siphash_1u32((u32)ptr, &ptr_key);
799 #endif
800 	*hashval_out = hashval;
801 	return 0;
802 }
803 
ptr_to_hashval(const void * ptr,unsigned long * hashval_out)804 int ptr_to_hashval(const void *ptr, unsigned long *hashval_out)
805 {
806 	return __ptr_to_hashval(ptr, hashval_out);
807 }
808 
ptr_to_id(char * buf,char * end,const void * ptr,struct printf_spec spec)809 static char *ptr_to_id(char *buf, char *end, const void *ptr,
810 		       struct printf_spec spec)
811 {
812 	const char *str = sizeof(ptr) == 8 ? "(____ptrval____)" : "(ptrval)";
813 	unsigned long hashval;
814 	int ret;
815 
816 	/*
817 	 * Print the real pointer value for NULL and error pointers,
818 	 * as they are not actual addresses.
819 	 */
820 	if (IS_ERR_OR_NULL(ptr))
821 		return pointer_string(buf, end, ptr, spec);
822 
823 	/* When debugging early boot use non-cryptographically secure hash. */
824 	if (unlikely(debug_boot_weak_hash)) {
825 		hashval = hash_long((unsigned long)ptr, 32);
826 		return pointer_string(buf, end, (const void *)hashval, spec);
827 	}
828 
829 	ret = __ptr_to_hashval(ptr, &hashval);
830 	if (ret) {
831 		spec.field_width = 2 * sizeof(ptr);
832 		/* string length must be less than default_width */
833 		return error_string(buf, end, str, spec);
834 	}
835 
836 	return pointer_string(buf, end, (const void *)hashval, spec);
837 }
838 
default_pointer(char * buf,char * end,const void * ptr,struct printf_spec spec)839 static char *default_pointer(char *buf, char *end, const void *ptr,
840 			     struct printf_spec spec)
841 {
842 	/*
843 	 * default is to _not_ leak addresses, so hash before printing,
844 	 * unless no_hash_pointers is specified on the command line.
845 	 */
846 	if (unlikely(no_hash_pointers))
847 		return pointer_string(buf, end, ptr, spec);
848 
849 	return ptr_to_id(buf, end, ptr, spec);
850 }
851 
852 int kptr_restrict __read_mostly;
853 
854 static noinline_for_stack
restricted_pointer(char * buf,char * end,const void * ptr,struct printf_spec spec)855 char *restricted_pointer(char *buf, char *end, const void *ptr,
856 			 struct printf_spec spec)
857 {
858 	switch (kptr_restrict) {
859 	case 0:
860 		/* Handle as %p, hash and do _not_ leak addresses. */
861 		return default_pointer(buf, end, ptr, spec);
862 	case 1: {
863 		const struct cred *cred;
864 
865 		/*
866 		 * kptr_restrict==1 cannot be used in IRQ context
867 		 * because its test for CAP_SYSLOG would be meaningless.
868 		 */
869 		if (in_irq() || in_serving_softirq() || in_nmi()) {
870 			if (spec.field_width == -1)
871 				spec.field_width = 2 * sizeof(ptr);
872 			return error_string(buf, end, "pK-error", spec);
873 		}
874 
875 		/*
876 		 * Only print the real pointer value if the current
877 		 * process has CAP_SYSLOG and is running with the
878 		 * same credentials it started with. This is because
879 		 * access to files is checked at open() time, but %pK
880 		 * checks permission at read() time. We don't want to
881 		 * leak pointer values if a binary opens a file using
882 		 * %pK and then elevates privileges before reading it.
883 		 */
884 		cred = current_cred();
885 		if (!has_capability_noaudit(current, CAP_SYSLOG) ||
886 		    !uid_eq(cred->euid, cred->uid) ||
887 		    !gid_eq(cred->egid, cred->gid))
888 			ptr = NULL;
889 		break;
890 	}
891 	case 2:
892 	default:
893 		/* Always print 0's for %pK */
894 		ptr = NULL;
895 		break;
896 	}
897 
898 	return pointer_string(buf, end, ptr, spec);
899 }
900 
901 static noinline_for_stack
dentry_name(char * buf,char * end,const struct dentry * d,struct printf_spec spec,const char * fmt)902 char *dentry_name(char *buf, char *end, const struct dentry *d, struct printf_spec spec,
903 		  const char *fmt)
904 {
905 	const char *array[4], *s;
906 	const struct dentry *p;
907 	int depth;
908 	int i, n;
909 
910 	switch (fmt[1]) {
911 		case '2': case '3': case '4':
912 			depth = fmt[1] - '0';
913 			break;
914 		default:
915 			depth = 1;
916 	}
917 
918 	rcu_read_lock();
919 	for (i = 0; i < depth; i++, d = p) {
920 		if (check_pointer(&buf, end, d, spec)) {
921 			rcu_read_unlock();
922 			return buf;
923 		}
924 
925 		p = READ_ONCE(d->d_parent);
926 		array[i] = READ_ONCE(d->d_name.name);
927 		if (p == d) {
928 			if (i)
929 				array[i] = "";
930 			i++;
931 			break;
932 		}
933 	}
934 	s = array[--i];
935 	for (n = 0; n != spec.precision; n++, buf++) {
936 		char c = *s++;
937 		if (!c) {
938 			if (!i)
939 				break;
940 			c = '/';
941 			s = array[--i];
942 		}
943 		if (buf < end)
944 			*buf = c;
945 	}
946 	rcu_read_unlock();
947 	return widen_string(buf, n, end, spec);
948 }
949 
950 static noinline_for_stack
file_dentry_name(char * buf,char * end,const struct file * f,struct printf_spec spec,const char * fmt)951 char *file_dentry_name(char *buf, char *end, const struct file *f,
952 			struct printf_spec spec, const char *fmt)
953 {
954 	if (check_pointer(&buf, end, f, spec))
955 		return buf;
956 
957 	return dentry_name(buf, end, f->f_path.dentry, spec, fmt);
958 }
959 #ifdef CONFIG_BLOCK
960 static noinline_for_stack
bdev_name(char * buf,char * end,struct block_device * bdev,struct printf_spec spec,const char * fmt)961 char *bdev_name(char *buf, char *end, struct block_device *bdev,
962 		struct printf_spec spec, const char *fmt)
963 {
964 	struct gendisk *hd;
965 
966 	if (check_pointer(&buf, end, bdev, spec))
967 		return buf;
968 
969 	hd = bdev->bd_disk;
970 	buf = string(buf, end, hd->disk_name, spec);
971 	if (bdev->bd_partno) {
972 		if (isdigit(hd->disk_name[strlen(hd->disk_name)-1])) {
973 			if (buf < end)
974 				*buf = 'p';
975 			buf++;
976 		}
977 		buf = number(buf, end, bdev->bd_partno, spec);
978 	}
979 	return buf;
980 }
981 #endif
982 
983 static noinline_for_stack
symbol_string(char * buf,char * end,void * ptr,struct printf_spec spec,const char * fmt)984 char *symbol_string(char *buf, char *end, void *ptr,
985 		    struct printf_spec spec, const char *fmt)
986 {
987 	unsigned long value;
988 #ifdef CONFIG_KALLSYMS
989 	char sym[KSYM_SYMBOL_LEN];
990 #endif
991 
992 	if (fmt[1] == 'R')
993 		ptr = __builtin_extract_return_addr(ptr);
994 	value = (unsigned long)ptr;
995 
996 #ifdef CONFIG_KALLSYMS
997 	if (*fmt == 'B' && fmt[1] == 'b')
998 		sprint_backtrace_build_id(sym, value);
999 	else if (*fmt == 'B')
1000 		sprint_backtrace(sym, value);
1001 	else if (*fmt == 'S' && (fmt[1] == 'b' || (fmt[1] == 'R' && fmt[2] == 'b')))
1002 		sprint_symbol_build_id(sym, value);
1003 	else if (*fmt != 's')
1004 		sprint_symbol(sym, value);
1005 	else
1006 		sprint_symbol_no_offset(sym, value);
1007 
1008 	return string_nocheck(buf, end, sym, spec);
1009 #else
1010 	return special_hex_number(buf, end, value, sizeof(void *));
1011 #endif
1012 }
1013 
1014 static const struct printf_spec default_str_spec = {
1015 	.field_width = -1,
1016 	.precision = -1,
1017 };
1018 
1019 static const struct printf_spec default_flag_spec = {
1020 	.base = 16,
1021 	.precision = -1,
1022 	.flags = SPECIAL | SMALL,
1023 };
1024 
1025 static const struct printf_spec default_dec_spec = {
1026 	.base = 10,
1027 	.precision = -1,
1028 };
1029 
1030 static const struct printf_spec default_dec02_spec = {
1031 	.base = 10,
1032 	.field_width = 2,
1033 	.precision = -1,
1034 	.flags = ZEROPAD,
1035 };
1036 
1037 static const struct printf_spec default_dec04_spec = {
1038 	.base = 10,
1039 	.field_width = 4,
1040 	.precision = -1,
1041 	.flags = ZEROPAD,
1042 };
1043 
1044 static noinline_for_stack
resource_string(char * buf,char * end,struct resource * res,struct printf_spec spec,const char * fmt)1045 char *resource_string(char *buf, char *end, struct resource *res,
1046 		      struct printf_spec spec, const char *fmt)
1047 {
1048 #ifndef IO_RSRC_PRINTK_SIZE
1049 #define IO_RSRC_PRINTK_SIZE	6
1050 #endif
1051 
1052 #ifndef MEM_RSRC_PRINTK_SIZE
1053 #define MEM_RSRC_PRINTK_SIZE	10
1054 #endif
1055 	static const struct printf_spec io_spec = {
1056 		.base = 16,
1057 		.field_width = IO_RSRC_PRINTK_SIZE,
1058 		.precision = -1,
1059 		.flags = SPECIAL | SMALL | ZEROPAD,
1060 	};
1061 	static const struct printf_spec mem_spec = {
1062 		.base = 16,
1063 		.field_width = MEM_RSRC_PRINTK_SIZE,
1064 		.precision = -1,
1065 		.flags = SPECIAL | SMALL | ZEROPAD,
1066 	};
1067 	static const struct printf_spec bus_spec = {
1068 		.base = 16,
1069 		.field_width = 2,
1070 		.precision = -1,
1071 		.flags = SMALL | ZEROPAD,
1072 	};
1073 	static const struct printf_spec str_spec = {
1074 		.field_width = -1,
1075 		.precision = 10,
1076 		.flags = LEFT,
1077 	};
1078 
1079 	/* 32-bit res (sizeof==4): 10 chars in dec, 10 in hex ("0x" + 8)
1080 	 * 64-bit res (sizeof==8): 20 chars in dec, 18 in hex ("0x" + 16) */
1081 #define RSRC_BUF_SIZE		((2 * sizeof(resource_size_t)) + 4)
1082 #define FLAG_BUF_SIZE		(2 * sizeof(res->flags))
1083 #define DECODED_BUF_SIZE	sizeof("[mem - 64bit pref window disabled]")
1084 #define RAW_BUF_SIZE		sizeof("[mem - flags 0x]")
1085 	char sym[max(2*RSRC_BUF_SIZE + DECODED_BUF_SIZE,
1086 		     2*RSRC_BUF_SIZE + FLAG_BUF_SIZE + RAW_BUF_SIZE)];
1087 
1088 	char *p = sym, *pend = sym + sizeof(sym);
1089 	int decode = (fmt[0] == 'R') ? 1 : 0;
1090 	const struct printf_spec *specp;
1091 
1092 	if (check_pointer(&buf, end, res, spec))
1093 		return buf;
1094 
1095 	*p++ = '[';
1096 	if (res->flags & IORESOURCE_IO) {
1097 		p = string_nocheck(p, pend, "io  ", str_spec);
1098 		specp = &io_spec;
1099 	} else if (res->flags & IORESOURCE_MEM) {
1100 		p = string_nocheck(p, pend, "mem ", str_spec);
1101 		specp = &mem_spec;
1102 	} else if (res->flags & IORESOURCE_IRQ) {
1103 		p = string_nocheck(p, pend, "irq ", str_spec);
1104 		specp = &default_dec_spec;
1105 	} else if (res->flags & IORESOURCE_DMA) {
1106 		p = string_nocheck(p, pend, "dma ", str_spec);
1107 		specp = &default_dec_spec;
1108 	} else if (res->flags & IORESOURCE_BUS) {
1109 		p = string_nocheck(p, pend, "bus ", str_spec);
1110 		specp = &bus_spec;
1111 	} else {
1112 		p = string_nocheck(p, pend, "??? ", str_spec);
1113 		specp = &mem_spec;
1114 		decode = 0;
1115 	}
1116 	if (decode && res->flags & IORESOURCE_UNSET) {
1117 		p = string_nocheck(p, pend, "size ", str_spec);
1118 		p = number(p, pend, resource_size(res), *specp);
1119 	} else {
1120 		p = number(p, pend, res->start, *specp);
1121 		if (res->start != res->end) {
1122 			*p++ = '-';
1123 			p = number(p, pend, res->end, *specp);
1124 		}
1125 	}
1126 	if (decode) {
1127 		if (res->flags & IORESOURCE_MEM_64)
1128 			p = string_nocheck(p, pend, " 64bit", str_spec);
1129 		if (res->flags & IORESOURCE_PREFETCH)
1130 			p = string_nocheck(p, pend, " pref", str_spec);
1131 		if (res->flags & IORESOURCE_WINDOW)
1132 			p = string_nocheck(p, pend, " window", str_spec);
1133 		if (res->flags & IORESOURCE_DISABLED)
1134 			p = string_nocheck(p, pend, " disabled", str_spec);
1135 	} else {
1136 		p = string_nocheck(p, pend, " flags ", str_spec);
1137 		p = number(p, pend, res->flags, default_flag_spec);
1138 	}
1139 	*p++ = ']';
1140 	*p = '\0';
1141 
1142 	return string_nocheck(buf, end, sym, spec);
1143 }
1144 
1145 static noinline_for_stack
hex_string(char * buf,char * end,u8 * addr,struct printf_spec spec,const char * fmt)1146 char *hex_string(char *buf, char *end, u8 *addr, struct printf_spec spec,
1147 		 const char *fmt)
1148 {
1149 	int i, len = 1;		/* if we pass '%ph[CDN]', field width remains
1150 				   negative value, fallback to the default */
1151 	char separator;
1152 
1153 	if (spec.field_width == 0)
1154 		/* nothing to print */
1155 		return buf;
1156 
1157 	if (check_pointer(&buf, end, addr, spec))
1158 		return buf;
1159 
1160 	switch (fmt[1]) {
1161 	case 'C':
1162 		separator = ':';
1163 		break;
1164 	case 'D':
1165 		separator = '-';
1166 		break;
1167 	case 'N':
1168 		separator = 0;
1169 		break;
1170 	default:
1171 		separator = ' ';
1172 		break;
1173 	}
1174 
1175 	if (spec.field_width > 0)
1176 		len = min_t(int, spec.field_width, 64);
1177 
1178 	for (i = 0; i < len; ++i) {
1179 		if (buf < end)
1180 			*buf = hex_asc_hi(addr[i]);
1181 		++buf;
1182 		if (buf < end)
1183 			*buf = hex_asc_lo(addr[i]);
1184 		++buf;
1185 
1186 		if (separator && i != len - 1) {
1187 			if (buf < end)
1188 				*buf = separator;
1189 			++buf;
1190 		}
1191 	}
1192 
1193 	return buf;
1194 }
1195 
1196 static noinline_for_stack
bitmap_string(char * buf,char * end,const unsigned long * bitmap,struct printf_spec spec,const char * fmt)1197 char *bitmap_string(char *buf, char *end, const unsigned long *bitmap,
1198 		    struct printf_spec spec, const char *fmt)
1199 {
1200 	const int CHUNKSZ = 32;
1201 	int nr_bits = max_t(int, spec.field_width, 0);
1202 	int i, chunksz;
1203 	bool first = true;
1204 
1205 	if (check_pointer(&buf, end, bitmap, spec))
1206 		return buf;
1207 
1208 	/* reused to print numbers */
1209 	spec = (struct printf_spec){ .flags = SMALL | ZEROPAD, .base = 16 };
1210 
1211 	chunksz = nr_bits & (CHUNKSZ - 1);
1212 	if (chunksz == 0)
1213 		chunksz = CHUNKSZ;
1214 
1215 	i = ALIGN(nr_bits, CHUNKSZ) - CHUNKSZ;
1216 	for (; i >= 0; i -= CHUNKSZ) {
1217 		u32 chunkmask, val;
1218 		int word, bit;
1219 
1220 		chunkmask = ((1ULL << chunksz) - 1);
1221 		word = i / BITS_PER_LONG;
1222 		bit = i % BITS_PER_LONG;
1223 		val = (bitmap[word] >> bit) & chunkmask;
1224 
1225 		if (!first) {
1226 			if (buf < end)
1227 				*buf = ',';
1228 			buf++;
1229 		}
1230 		first = false;
1231 
1232 		spec.field_width = DIV_ROUND_UP(chunksz, 4);
1233 		buf = number(buf, end, val, spec);
1234 
1235 		chunksz = CHUNKSZ;
1236 	}
1237 	return buf;
1238 }
1239 
1240 static noinline_for_stack
bitmap_list_string(char * buf,char * end,const unsigned long * bitmap,struct printf_spec spec,const char * fmt)1241 char *bitmap_list_string(char *buf, char *end, const unsigned long *bitmap,
1242 			 struct printf_spec spec, const char *fmt)
1243 {
1244 	int nr_bits = max_t(int, spec.field_width, 0);
1245 	bool first = true;
1246 	int rbot, rtop;
1247 
1248 	if (check_pointer(&buf, end, bitmap, spec))
1249 		return buf;
1250 
1251 	for_each_set_bitrange(rbot, rtop, bitmap, nr_bits) {
1252 		if (!first) {
1253 			if (buf < end)
1254 				*buf = ',';
1255 			buf++;
1256 		}
1257 		first = false;
1258 
1259 		buf = number(buf, end, rbot, default_dec_spec);
1260 		if (rtop == rbot + 1)
1261 			continue;
1262 
1263 		if (buf < end)
1264 			*buf = '-';
1265 		buf = number(++buf, end, rtop - 1, default_dec_spec);
1266 	}
1267 	return buf;
1268 }
1269 
1270 static noinline_for_stack
mac_address_string(char * buf,char * end,u8 * addr,struct printf_spec spec,const char * fmt)1271 char *mac_address_string(char *buf, char *end, u8 *addr,
1272 			 struct printf_spec spec, const char *fmt)
1273 {
1274 	char mac_addr[sizeof("xx:xx:xx:xx:xx:xx")];
1275 	char *p = mac_addr;
1276 	int i;
1277 	char separator;
1278 	bool reversed = false;
1279 
1280 	if (check_pointer(&buf, end, addr, spec))
1281 		return buf;
1282 
1283 	switch (fmt[1]) {
1284 	case 'F':
1285 		separator = '-';
1286 		break;
1287 
1288 	case 'R':
1289 		reversed = true;
1290 		fallthrough;
1291 
1292 	default:
1293 		separator = ':';
1294 		break;
1295 	}
1296 
1297 	for (i = 0; i < 6; i++) {
1298 		if (reversed)
1299 			p = hex_byte_pack(p, addr[5 - i]);
1300 		else
1301 			p = hex_byte_pack(p, addr[i]);
1302 
1303 		if (fmt[0] == 'M' && i != 5)
1304 			*p++ = separator;
1305 	}
1306 	*p = '\0';
1307 
1308 	return string_nocheck(buf, end, mac_addr, spec);
1309 }
1310 
1311 static noinline_for_stack
ip4_string(char * p,const u8 * addr,const char * fmt)1312 char *ip4_string(char *p, const u8 *addr, const char *fmt)
1313 {
1314 	int i;
1315 	bool leading_zeros = (fmt[0] == 'i');
1316 	int index;
1317 	int step;
1318 
1319 	switch (fmt[2]) {
1320 	case 'h':
1321 #ifdef __BIG_ENDIAN
1322 		index = 0;
1323 		step = 1;
1324 #else
1325 		index = 3;
1326 		step = -1;
1327 #endif
1328 		break;
1329 	case 'l':
1330 		index = 3;
1331 		step = -1;
1332 		break;
1333 	case 'n':
1334 	case 'b':
1335 	default:
1336 		index = 0;
1337 		step = 1;
1338 		break;
1339 	}
1340 	for (i = 0; i < 4; i++) {
1341 		char temp[4] __aligned(2);	/* hold each IP quad in reverse order */
1342 		int digits = put_dec_trunc8(temp, addr[index]) - temp;
1343 		if (leading_zeros) {
1344 			if (digits < 3)
1345 				*p++ = '0';
1346 			if (digits < 2)
1347 				*p++ = '0';
1348 		}
1349 		/* reverse the digits in the quad */
1350 		while (digits--)
1351 			*p++ = temp[digits];
1352 		if (i < 3)
1353 			*p++ = '.';
1354 		index += step;
1355 	}
1356 	*p = '\0';
1357 
1358 	return p;
1359 }
1360 
1361 static noinline_for_stack
ip6_compressed_string(char * p,const char * addr)1362 char *ip6_compressed_string(char *p, const char *addr)
1363 {
1364 	int i, j, range;
1365 	unsigned char zerolength[8];
1366 	int longest = 1;
1367 	int colonpos = -1;
1368 	u16 word;
1369 	u8 hi, lo;
1370 	bool needcolon = false;
1371 	bool useIPv4;
1372 	struct in6_addr in6;
1373 
1374 	memcpy(&in6, addr, sizeof(struct in6_addr));
1375 
1376 	useIPv4 = ipv6_addr_v4mapped(&in6) || ipv6_addr_is_isatap(&in6);
1377 
1378 	memset(zerolength, 0, sizeof(zerolength));
1379 
1380 	if (useIPv4)
1381 		range = 6;
1382 	else
1383 		range = 8;
1384 
1385 	/* find position of longest 0 run */
1386 	for (i = 0; i < range; i++) {
1387 		for (j = i; j < range; j++) {
1388 			if (in6.s6_addr16[j] != 0)
1389 				break;
1390 			zerolength[i]++;
1391 		}
1392 	}
1393 	for (i = 0; i < range; i++) {
1394 		if (zerolength[i] > longest) {
1395 			longest = zerolength[i];
1396 			colonpos = i;
1397 		}
1398 	}
1399 	if (longest == 1)		/* don't compress a single 0 */
1400 		colonpos = -1;
1401 
1402 	/* emit address */
1403 	for (i = 0; i < range; i++) {
1404 		if (i == colonpos) {
1405 			if (needcolon || i == 0)
1406 				*p++ = ':';
1407 			*p++ = ':';
1408 			needcolon = false;
1409 			i += longest - 1;
1410 			continue;
1411 		}
1412 		if (needcolon) {
1413 			*p++ = ':';
1414 			needcolon = false;
1415 		}
1416 		/* hex u16 without leading 0s */
1417 		word = ntohs(in6.s6_addr16[i]);
1418 		hi = word >> 8;
1419 		lo = word & 0xff;
1420 		if (hi) {
1421 			if (hi > 0x0f)
1422 				p = hex_byte_pack(p, hi);
1423 			else
1424 				*p++ = hex_asc_lo(hi);
1425 			p = hex_byte_pack(p, lo);
1426 		}
1427 		else if (lo > 0x0f)
1428 			p = hex_byte_pack(p, lo);
1429 		else
1430 			*p++ = hex_asc_lo(lo);
1431 		needcolon = true;
1432 	}
1433 
1434 	if (useIPv4) {
1435 		if (needcolon)
1436 			*p++ = ':';
1437 		p = ip4_string(p, &in6.s6_addr[12], "I4");
1438 	}
1439 	*p = '\0';
1440 
1441 	return p;
1442 }
1443 
1444 static noinline_for_stack
ip6_string(char * p,const char * addr,const char * fmt)1445 char *ip6_string(char *p, const char *addr, const char *fmt)
1446 {
1447 	int i;
1448 
1449 	for (i = 0; i < 8; i++) {
1450 		p = hex_byte_pack(p, *addr++);
1451 		p = hex_byte_pack(p, *addr++);
1452 		if (fmt[0] == 'I' && i != 7)
1453 			*p++ = ':';
1454 	}
1455 	*p = '\0';
1456 
1457 	return p;
1458 }
1459 
1460 static noinline_for_stack
ip6_addr_string(char * buf,char * end,const u8 * addr,struct printf_spec spec,const char * fmt)1461 char *ip6_addr_string(char *buf, char *end, const u8 *addr,
1462 		      struct printf_spec spec, const char *fmt)
1463 {
1464 	char ip6_addr[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:255.255.255.255")];
1465 
1466 	if (fmt[0] == 'I' && fmt[2] == 'c')
1467 		ip6_compressed_string(ip6_addr, addr);
1468 	else
1469 		ip6_string(ip6_addr, addr, fmt);
1470 
1471 	return string_nocheck(buf, end, ip6_addr, spec);
1472 }
1473 
1474 static noinline_for_stack
ip4_addr_string(char * buf,char * end,const u8 * addr,struct printf_spec spec,const char * fmt)1475 char *ip4_addr_string(char *buf, char *end, const u8 *addr,
1476 		      struct printf_spec spec, const char *fmt)
1477 {
1478 	char ip4_addr[sizeof("255.255.255.255")];
1479 
1480 	ip4_string(ip4_addr, addr, fmt);
1481 
1482 	return string_nocheck(buf, end, ip4_addr, spec);
1483 }
1484 
1485 static noinline_for_stack
ip6_addr_string_sa(char * buf,char * end,const struct sockaddr_in6 * sa,struct printf_spec spec,const char * fmt)1486 char *ip6_addr_string_sa(char *buf, char *end, const struct sockaddr_in6 *sa,
1487 			 struct printf_spec spec, const char *fmt)
1488 {
1489 	bool have_p = false, have_s = false, have_f = false, have_c = false;
1490 	char ip6_addr[sizeof("[xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:255.255.255.255]") +
1491 		      sizeof(":12345") + sizeof("/123456789") +
1492 		      sizeof("%1234567890")];
1493 	char *p = ip6_addr, *pend = ip6_addr + sizeof(ip6_addr);
1494 	const u8 *addr = (const u8 *) &sa->sin6_addr;
1495 	char fmt6[2] = { fmt[0], '6' };
1496 	u8 off = 0;
1497 
1498 	fmt++;
1499 	while (isalpha(*++fmt)) {
1500 		switch (*fmt) {
1501 		case 'p':
1502 			have_p = true;
1503 			break;
1504 		case 'f':
1505 			have_f = true;
1506 			break;
1507 		case 's':
1508 			have_s = true;
1509 			break;
1510 		case 'c':
1511 			have_c = true;
1512 			break;
1513 		}
1514 	}
1515 
1516 	if (have_p || have_s || have_f) {
1517 		*p = '[';
1518 		off = 1;
1519 	}
1520 
1521 	if (fmt6[0] == 'I' && have_c)
1522 		p = ip6_compressed_string(ip6_addr + off, addr);
1523 	else
1524 		p = ip6_string(ip6_addr + off, addr, fmt6);
1525 
1526 	if (have_p || have_s || have_f)
1527 		*p++ = ']';
1528 
1529 	if (have_p) {
1530 		*p++ = ':';
1531 		p = number(p, pend, ntohs(sa->sin6_port), spec);
1532 	}
1533 	if (have_f) {
1534 		*p++ = '/';
1535 		p = number(p, pend, ntohl(sa->sin6_flowinfo &
1536 					  IPV6_FLOWINFO_MASK), spec);
1537 	}
1538 	if (have_s) {
1539 		*p++ = '%';
1540 		p = number(p, pend, sa->sin6_scope_id, spec);
1541 	}
1542 	*p = '\0';
1543 
1544 	return string_nocheck(buf, end, ip6_addr, spec);
1545 }
1546 
1547 static noinline_for_stack
ip4_addr_string_sa(char * buf,char * end,const struct sockaddr_in * sa,struct printf_spec spec,const char * fmt)1548 char *ip4_addr_string_sa(char *buf, char *end, const struct sockaddr_in *sa,
1549 			 struct printf_spec spec, const char *fmt)
1550 {
1551 	bool have_p = false;
1552 	char *p, ip4_addr[sizeof("255.255.255.255") + sizeof(":12345")];
1553 	char *pend = ip4_addr + sizeof(ip4_addr);
1554 	const u8 *addr = (const u8 *) &sa->sin_addr.s_addr;
1555 	char fmt4[3] = { fmt[0], '4', 0 };
1556 
1557 	fmt++;
1558 	while (isalpha(*++fmt)) {
1559 		switch (*fmt) {
1560 		case 'p':
1561 			have_p = true;
1562 			break;
1563 		case 'h':
1564 		case 'l':
1565 		case 'n':
1566 		case 'b':
1567 			fmt4[2] = *fmt;
1568 			break;
1569 		}
1570 	}
1571 
1572 	p = ip4_string(ip4_addr, addr, fmt4);
1573 	if (have_p) {
1574 		*p++ = ':';
1575 		p = number(p, pend, ntohs(sa->sin_port), spec);
1576 	}
1577 	*p = '\0';
1578 
1579 	return string_nocheck(buf, end, ip4_addr, spec);
1580 }
1581 
1582 static noinline_for_stack
ip_addr_string(char * buf,char * end,const void * ptr,struct printf_spec spec,const char * fmt)1583 char *ip_addr_string(char *buf, char *end, const void *ptr,
1584 		     struct printf_spec spec, const char *fmt)
1585 {
1586 	char *err_fmt_msg;
1587 
1588 	if (check_pointer(&buf, end, ptr, spec))
1589 		return buf;
1590 
1591 	switch (fmt[1]) {
1592 	case '6':
1593 		return ip6_addr_string(buf, end, ptr, spec, fmt);
1594 	case '4':
1595 		return ip4_addr_string(buf, end, ptr, spec, fmt);
1596 	case 'S': {
1597 		const union {
1598 			struct sockaddr		raw;
1599 			struct sockaddr_in	v4;
1600 			struct sockaddr_in6	v6;
1601 		} *sa = ptr;
1602 
1603 		switch (sa->raw.sa_family) {
1604 		case AF_INET:
1605 			return ip4_addr_string_sa(buf, end, &sa->v4, spec, fmt);
1606 		case AF_INET6:
1607 			return ip6_addr_string_sa(buf, end, &sa->v6, spec, fmt);
1608 		default:
1609 			return error_string(buf, end, "(einval)", spec);
1610 		}}
1611 	}
1612 
1613 	err_fmt_msg = fmt[0] == 'i' ? "(%pi?)" : "(%pI?)";
1614 	return error_string(buf, end, err_fmt_msg, spec);
1615 }
1616 
1617 static noinline_for_stack
escaped_string(char * buf,char * end,u8 * addr,struct printf_spec spec,const char * fmt)1618 char *escaped_string(char *buf, char *end, u8 *addr, struct printf_spec spec,
1619 		     const char *fmt)
1620 {
1621 	bool found = true;
1622 	int count = 1;
1623 	unsigned int flags = 0;
1624 	int len;
1625 
1626 	if (spec.field_width == 0)
1627 		return buf;				/* nothing to print */
1628 
1629 	if (check_pointer(&buf, end, addr, spec))
1630 		return buf;
1631 
1632 	do {
1633 		switch (fmt[count++]) {
1634 		case 'a':
1635 			flags |= ESCAPE_ANY;
1636 			break;
1637 		case 'c':
1638 			flags |= ESCAPE_SPECIAL;
1639 			break;
1640 		case 'h':
1641 			flags |= ESCAPE_HEX;
1642 			break;
1643 		case 'n':
1644 			flags |= ESCAPE_NULL;
1645 			break;
1646 		case 'o':
1647 			flags |= ESCAPE_OCTAL;
1648 			break;
1649 		case 'p':
1650 			flags |= ESCAPE_NP;
1651 			break;
1652 		case 's':
1653 			flags |= ESCAPE_SPACE;
1654 			break;
1655 		default:
1656 			found = false;
1657 			break;
1658 		}
1659 	} while (found);
1660 
1661 	if (!flags)
1662 		flags = ESCAPE_ANY_NP;
1663 
1664 	len = spec.field_width < 0 ? 1 : spec.field_width;
1665 
1666 	/*
1667 	 * string_escape_mem() writes as many characters as it can to
1668 	 * the given buffer, and returns the total size of the output
1669 	 * had the buffer been big enough.
1670 	 */
1671 	buf += string_escape_mem(addr, len, buf, buf < end ? end - buf : 0, flags, NULL);
1672 
1673 	return buf;
1674 }
1675 
va_format(char * buf,char * end,struct va_format * va_fmt,struct printf_spec spec,const char * fmt)1676 static char *va_format(char *buf, char *end, struct va_format *va_fmt,
1677 		       struct printf_spec spec, const char *fmt)
1678 {
1679 	va_list va;
1680 
1681 	if (check_pointer(&buf, end, va_fmt, spec))
1682 		return buf;
1683 
1684 	va_copy(va, *va_fmt->va);
1685 	buf += vsnprintf(buf, end > buf ? end - buf : 0, va_fmt->fmt, va);
1686 	va_end(va);
1687 
1688 	return buf;
1689 }
1690 
1691 static noinline_for_stack
uuid_string(char * buf,char * end,const u8 * addr,struct printf_spec spec,const char * fmt)1692 char *uuid_string(char *buf, char *end, const u8 *addr,
1693 		  struct printf_spec spec, const char *fmt)
1694 {
1695 	char uuid[UUID_STRING_LEN + 1];
1696 	char *p = uuid;
1697 	int i;
1698 	const u8 *index = uuid_index;
1699 	bool uc = false;
1700 
1701 	if (check_pointer(&buf, end, addr, spec))
1702 		return buf;
1703 
1704 	switch (*(++fmt)) {
1705 	case 'L':
1706 		uc = true;
1707 		fallthrough;
1708 	case 'l':
1709 		index = guid_index;
1710 		break;
1711 	case 'B':
1712 		uc = true;
1713 		break;
1714 	}
1715 
1716 	for (i = 0; i < 16; i++) {
1717 		if (uc)
1718 			p = hex_byte_pack_upper(p, addr[index[i]]);
1719 		else
1720 			p = hex_byte_pack(p, addr[index[i]]);
1721 		switch (i) {
1722 		case 3:
1723 		case 5:
1724 		case 7:
1725 		case 9:
1726 			*p++ = '-';
1727 			break;
1728 		}
1729 	}
1730 
1731 	*p = 0;
1732 
1733 	return string_nocheck(buf, end, uuid, spec);
1734 }
1735 
1736 static noinline_for_stack
netdev_bits(char * buf,char * end,const void * addr,struct printf_spec spec,const char * fmt)1737 char *netdev_bits(char *buf, char *end, const void *addr,
1738 		  struct printf_spec spec,  const char *fmt)
1739 {
1740 	unsigned long long num;
1741 	int size;
1742 
1743 	if (check_pointer(&buf, end, addr, spec))
1744 		return buf;
1745 
1746 	switch (fmt[1]) {
1747 	case 'F':
1748 		num = *(const netdev_features_t *)addr;
1749 		size = sizeof(netdev_features_t);
1750 		break;
1751 	default:
1752 		return error_string(buf, end, "(%pN?)", spec);
1753 	}
1754 
1755 	return special_hex_number(buf, end, num, size);
1756 }
1757 
1758 static noinline_for_stack
fourcc_string(char * buf,char * end,const u32 * fourcc,struct printf_spec spec,const char * fmt)1759 char *fourcc_string(char *buf, char *end, const u32 *fourcc,
1760 		    struct printf_spec spec, const char *fmt)
1761 {
1762 	char output[sizeof("0123 little-endian (0x01234567)")];
1763 	char *p = output;
1764 	unsigned int i;
1765 	u32 orig, val;
1766 
1767 	if (fmt[1] != 'c' || fmt[2] != 'c')
1768 		return error_string(buf, end, "(%p4?)", spec);
1769 
1770 	if (check_pointer(&buf, end, fourcc, spec))
1771 		return buf;
1772 
1773 	orig = get_unaligned(fourcc);
1774 	val = orig & ~BIT(31);
1775 
1776 	for (i = 0; i < sizeof(u32); i++) {
1777 		unsigned char c = val >> (i * 8);
1778 
1779 		/* Print non-control ASCII characters as-is, dot otherwise */
1780 		*p++ = isascii(c) && isprint(c) ? c : '.';
1781 	}
1782 
1783 	*p++ = ' ';
1784 	strcpy(p, orig & BIT(31) ? "big-endian" : "little-endian");
1785 	p += strlen(p);
1786 
1787 	*p++ = ' ';
1788 	*p++ = '(';
1789 	p = special_hex_number(p, output + sizeof(output) - 2, orig, sizeof(u32));
1790 	*p++ = ')';
1791 	*p = '\0';
1792 
1793 	return string(buf, end, output, spec);
1794 }
1795 
1796 static noinline_for_stack
address_val(char * buf,char * end,const void * addr,struct printf_spec spec,const char * fmt)1797 char *address_val(char *buf, char *end, const void *addr,
1798 		  struct printf_spec spec, const char *fmt)
1799 {
1800 	unsigned long long num;
1801 	int size;
1802 
1803 	if (check_pointer(&buf, end, addr, spec))
1804 		return buf;
1805 
1806 	switch (fmt[1]) {
1807 	case 'd':
1808 		num = *(const dma_addr_t *)addr;
1809 		size = sizeof(dma_addr_t);
1810 		break;
1811 	case 'p':
1812 	default:
1813 		num = *(const phys_addr_t *)addr;
1814 		size = sizeof(phys_addr_t);
1815 		break;
1816 	}
1817 
1818 	return special_hex_number(buf, end, num, size);
1819 }
1820 
1821 static noinline_for_stack
date_str(char * buf,char * end,const struct rtc_time * tm,bool r)1822 char *date_str(char *buf, char *end, const struct rtc_time *tm, bool r)
1823 {
1824 	int year = tm->tm_year + (r ? 0 : 1900);
1825 	int mon = tm->tm_mon + (r ? 0 : 1);
1826 
1827 	buf = number(buf, end, year, default_dec04_spec);
1828 	if (buf < end)
1829 		*buf = '-';
1830 	buf++;
1831 
1832 	buf = number(buf, end, mon, default_dec02_spec);
1833 	if (buf < end)
1834 		*buf = '-';
1835 	buf++;
1836 
1837 	return number(buf, end, tm->tm_mday, default_dec02_spec);
1838 }
1839 
1840 static noinline_for_stack
time_str(char * buf,char * end,const struct rtc_time * tm,bool r)1841 char *time_str(char *buf, char *end, const struct rtc_time *tm, bool r)
1842 {
1843 	buf = number(buf, end, tm->tm_hour, default_dec02_spec);
1844 	if (buf < end)
1845 		*buf = ':';
1846 	buf++;
1847 
1848 	buf = number(buf, end, tm->tm_min, default_dec02_spec);
1849 	if (buf < end)
1850 		*buf = ':';
1851 	buf++;
1852 
1853 	return number(buf, end, tm->tm_sec, default_dec02_spec);
1854 }
1855 
1856 static noinline_for_stack
rtc_str(char * buf,char * end,const struct rtc_time * tm,struct printf_spec spec,const char * fmt)1857 char *rtc_str(char *buf, char *end, const struct rtc_time *tm,
1858 	      struct printf_spec spec, const char *fmt)
1859 {
1860 	bool have_t = true, have_d = true;
1861 	bool raw = false, iso8601_separator = true;
1862 	bool found = true;
1863 	int count = 2;
1864 
1865 	if (check_pointer(&buf, end, tm, spec))
1866 		return buf;
1867 
1868 	switch (fmt[count]) {
1869 	case 'd':
1870 		have_t = false;
1871 		count++;
1872 		break;
1873 	case 't':
1874 		have_d = false;
1875 		count++;
1876 		break;
1877 	}
1878 
1879 	do {
1880 		switch (fmt[count++]) {
1881 		case 'r':
1882 			raw = true;
1883 			break;
1884 		case 's':
1885 			iso8601_separator = false;
1886 			break;
1887 		default:
1888 			found = false;
1889 			break;
1890 		}
1891 	} while (found);
1892 
1893 	if (have_d)
1894 		buf = date_str(buf, end, tm, raw);
1895 	if (have_d && have_t) {
1896 		if (buf < end)
1897 			*buf = iso8601_separator ? 'T' : ' ';
1898 		buf++;
1899 	}
1900 	if (have_t)
1901 		buf = time_str(buf, end, tm, raw);
1902 
1903 	return buf;
1904 }
1905 
1906 static noinline_for_stack
time64_str(char * buf,char * end,const time64_t time,struct printf_spec spec,const char * fmt)1907 char *time64_str(char *buf, char *end, const time64_t time,
1908 		 struct printf_spec spec, const char *fmt)
1909 {
1910 	struct rtc_time rtc_time;
1911 	struct tm tm;
1912 
1913 	time64_to_tm(time, 0, &tm);
1914 
1915 	rtc_time.tm_sec = tm.tm_sec;
1916 	rtc_time.tm_min = tm.tm_min;
1917 	rtc_time.tm_hour = tm.tm_hour;
1918 	rtc_time.tm_mday = tm.tm_mday;
1919 	rtc_time.tm_mon = tm.tm_mon;
1920 	rtc_time.tm_year = tm.tm_year;
1921 	rtc_time.tm_wday = tm.tm_wday;
1922 	rtc_time.tm_yday = tm.tm_yday;
1923 
1924 	rtc_time.tm_isdst = 0;
1925 
1926 	return rtc_str(buf, end, &rtc_time, spec, fmt);
1927 }
1928 
1929 static noinline_for_stack
time_and_date(char * buf,char * end,void * ptr,struct printf_spec spec,const char * fmt)1930 char *time_and_date(char *buf, char *end, void *ptr, struct printf_spec spec,
1931 		    const char *fmt)
1932 {
1933 	switch (fmt[1]) {
1934 	case 'R':
1935 		return rtc_str(buf, end, (const struct rtc_time *)ptr, spec, fmt);
1936 	case 'T':
1937 		return time64_str(buf, end, *(const time64_t *)ptr, spec, fmt);
1938 	default:
1939 		return error_string(buf, end, "(%pt?)", spec);
1940 	}
1941 }
1942 
1943 static noinline_for_stack
clock(char * buf,char * end,struct clk * clk,struct printf_spec spec,const char * fmt)1944 char *clock(char *buf, char *end, struct clk *clk, struct printf_spec spec,
1945 	    const char *fmt)
1946 {
1947 	if (!IS_ENABLED(CONFIG_HAVE_CLK))
1948 		return error_string(buf, end, "(%pC?)", spec);
1949 
1950 	if (check_pointer(&buf, end, clk, spec))
1951 		return buf;
1952 
1953 	switch (fmt[1]) {
1954 	case 'n':
1955 	default:
1956 #ifdef CONFIG_COMMON_CLK
1957 		return string(buf, end, __clk_get_name(clk), spec);
1958 #else
1959 		return ptr_to_id(buf, end, clk, spec);
1960 #endif
1961 	}
1962 }
1963 
1964 static
format_flags(char * buf,char * end,unsigned long flags,const struct trace_print_flags * names)1965 char *format_flags(char *buf, char *end, unsigned long flags,
1966 					const struct trace_print_flags *names)
1967 {
1968 	unsigned long mask;
1969 
1970 	for ( ; flags && names->name; names++) {
1971 		mask = names->mask;
1972 		if ((flags & mask) != mask)
1973 			continue;
1974 
1975 		buf = string(buf, end, names->name, default_str_spec);
1976 
1977 		flags &= ~mask;
1978 		if (flags) {
1979 			if (buf < end)
1980 				*buf = '|';
1981 			buf++;
1982 		}
1983 	}
1984 
1985 	if (flags)
1986 		buf = number(buf, end, flags, default_flag_spec);
1987 
1988 	return buf;
1989 }
1990 
1991 struct page_flags_fields {
1992 	int width;
1993 	int shift;
1994 	int mask;
1995 	const struct printf_spec *spec;
1996 	const char *name;
1997 };
1998 
1999 static const struct page_flags_fields pff[] = {
2000 	{SECTIONS_WIDTH, SECTIONS_PGSHIFT, SECTIONS_MASK,
2001 	 &default_dec_spec, "section"},
2002 	{NODES_WIDTH, NODES_PGSHIFT, NODES_MASK,
2003 	 &default_dec_spec, "node"},
2004 	{ZONES_WIDTH, ZONES_PGSHIFT, ZONES_MASK,
2005 	 &default_dec_spec, "zone"},
2006 	{LAST_CPUPID_WIDTH, LAST_CPUPID_PGSHIFT, LAST_CPUPID_MASK,
2007 	 &default_flag_spec, "lastcpupid"},
2008 	{KASAN_TAG_WIDTH, KASAN_TAG_PGSHIFT, KASAN_TAG_MASK,
2009 	 &default_flag_spec, "kasantag"},
2010 };
2011 
2012 static
format_page_flags(char * buf,char * end,unsigned long flags)2013 char *format_page_flags(char *buf, char *end, unsigned long flags)
2014 {
2015 	unsigned long main_flags = flags & PAGEFLAGS_MASK;
2016 	bool append = false;
2017 	int i;
2018 
2019 	buf = number(buf, end, flags, default_flag_spec);
2020 	if (buf < end)
2021 		*buf = '(';
2022 	buf++;
2023 
2024 	/* Page flags from the main area. */
2025 	if (main_flags) {
2026 		buf = format_flags(buf, end, main_flags, pageflag_names);
2027 		append = true;
2028 	}
2029 
2030 	/* Page flags from the fields area */
2031 	for (i = 0; i < ARRAY_SIZE(pff); i++) {
2032 		/* Skip undefined fields. */
2033 		if (!pff[i].width)
2034 			continue;
2035 
2036 		/* Format: Flag Name + '=' (equals sign) + Number + '|' (separator) */
2037 		if (append) {
2038 			if (buf < end)
2039 				*buf = '|';
2040 			buf++;
2041 		}
2042 
2043 		buf = string(buf, end, pff[i].name, default_str_spec);
2044 		if (buf < end)
2045 			*buf = '=';
2046 		buf++;
2047 		buf = number(buf, end, (flags >> pff[i].shift) & pff[i].mask,
2048 			     *pff[i].spec);
2049 
2050 		append = true;
2051 	}
2052 	if (buf < end)
2053 		*buf = ')';
2054 	buf++;
2055 
2056 	return buf;
2057 }
2058 
2059 static noinline_for_stack
flags_string(char * buf,char * end,void * flags_ptr,struct printf_spec spec,const char * fmt)2060 char *flags_string(char *buf, char *end, void *flags_ptr,
2061 		   struct printf_spec spec, const char *fmt)
2062 {
2063 	unsigned long flags;
2064 	const struct trace_print_flags *names;
2065 
2066 	if (check_pointer(&buf, end, flags_ptr, spec))
2067 		return buf;
2068 
2069 	switch (fmt[1]) {
2070 	case 'p':
2071 		return format_page_flags(buf, end, *(unsigned long *)flags_ptr);
2072 	case 'v':
2073 		flags = *(unsigned long *)flags_ptr;
2074 		names = vmaflag_names;
2075 		break;
2076 	case 'g':
2077 		flags = (__force unsigned long)(*(gfp_t *)flags_ptr);
2078 		names = gfpflag_names;
2079 		break;
2080 	default:
2081 		return error_string(buf, end, "(%pG?)", spec);
2082 	}
2083 
2084 	return format_flags(buf, end, flags, names);
2085 }
2086 
2087 static noinline_for_stack
fwnode_full_name_string(struct fwnode_handle * fwnode,char * buf,char * end)2088 char *fwnode_full_name_string(struct fwnode_handle *fwnode, char *buf,
2089 			      char *end)
2090 {
2091 	int depth;
2092 
2093 	/* Loop starting from the root node to the current node. */
2094 	for (depth = fwnode_count_parents(fwnode); depth >= 0; depth--) {
2095 		struct fwnode_handle *__fwnode =
2096 			fwnode_get_nth_parent(fwnode, depth);
2097 
2098 		buf = string(buf, end, fwnode_get_name_prefix(__fwnode),
2099 			     default_str_spec);
2100 		buf = string(buf, end, fwnode_get_name(__fwnode),
2101 			     default_str_spec);
2102 
2103 		fwnode_handle_put(__fwnode);
2104 	}
2105 
2106 	return buf;
2107 }
2108 
2109 static noinline_for_stack
device_node_string(char * buf,char * end,struct device_node * dn,struct printf_spec spec,const char * fmt)2110 char *device_node_string(char *buf, char *end, struct device_node *dn,
2111 			 struct printf_spec spec, const char *fmt)
2112 {
2113 	char tbuf[sizeof("xxxx") + 1];
2114 	const char *p;
2115 	int ret;
2116 	char *buf_start = buf;
2117 	struct property *prop;
2118 	bool has_mult, pass;
2119 
2120 	struct printf_spec str_spec = spec;
2121 	str_spec.field_width = -1;
2122 
2123 	if (fmt[0] != 'F')
2124 		return error_string(buf, end, "(%pO?)", spec);
2125 
2126 	if (!IS_ENABLED(CONFIG_OF))
2127 		return error_string(buf, end, "(%pOF?)", spec);
2128 
2129 	if (check_pointer(&buf, end, dn, spec))
2130 		return buf;
2131 
2132 	/* simple case without anything any more format specifiers */
2133 	fmt++;
2134 	if (fmt[0] == '\0' || strcspn(fmt,"fnpPFcC") > 0)
2135 		fmt = "f";
2136 
2137 	for (pass = false; strspn(fmt,"fnpPFcC"); fmt++, pass = true) {
2138 		int precision;
2139 		if (pass) {
2140 			if (buf < end)
2141 				*buf = ':';
2142 			buf++;
2143 		}
2144 
2145 		switch (*fmt) {
2146 		case 'f':	/* full_name */
2147 			buf = fwnode_full_name_string(of_fwnode_handle(dn), buf,
2148 						      end);
2149 			break;
2150 		case 'n':	/* name */
2151 			p = fwnode_get_name(of_fwnode_handle(dn));
2152 			precision = str_spec.precision;
2153 			str_spec.precision = strchrnul(p, '@') - p;
2154 			buf = string(buf, end, p, str_spec);
2155 			str_spec.precision = precision;
2156 			break;
2157 		case 'p':	/* phandle */
2158 			buf = number(buf, end, (unsigned int)dn->phandle, default_dec_spec);
2159 			break;
2160 		case 'P':	/* path-spec */
2161 			p = fwnode_get_name(of_fwnode_handle(dn));
2162 			if (!p[1])
2163 				p = "/";
2164 			buf = string(buf, end, p, str_spec);
2165 			break;
2166 		case 'F':	/* flags */
2167 			tbuf[0] = of_node_check_flag(dn, OF_DYNAMIC) ? 'D' : '-';
2168 			tbuf[1] = of_node_check_flag(dn, OF_DETACHED) ? 'd' : '-';
2169 			tbuf[2] = of_node_check_flag(dn, OF_POPULATED) ? 'P' : '-';
2170 			tbuf[3] = of_node_check_flag(dn, OF_POPULATED_BUS) ? 'B' : '-';
2171 			tbuf[4] = 0;
2172 			buf = string_nocheck(buf, end, tbuf, str_spec);
2173 			break;
2174 		case 'c':	/* major compatible string */
2175 			ret = of_property_read_string(dn, "compatible", &p);
2176 			if (!ret)
2177 				buf = string(buf, end, p, str_spec);
2178 			break;
2179 		case 'C':	/* full compatible string */
2180 			has_mult = false;
2181 			of_property_for_each_string(dn, "compatible", prop, p) {
2182 				if (has_mult)
2183 					buf = string_nocheck(buf, end, ",", str_spec);
2184 				buf = string_nocheck(buf, end, "\"", str_spec);
2185 				buf = string(buf, end, p, str_spec);
2186 				buf = string_nocheck(buf, end, "\"", str_spec);
2187 
2188 				has_mult = true;
2189 			}
2190 			break;
2191 		default:
2192 			break;
2193 		}
2194 	}
2195 
2196 	return widen_string(buf, buf - buf_start, end, spec);
2197 }
2198 
2199 static noinline_for_stack
fwnode_string(char * buf,char * end,struct fwnode_handle * fwnode,struct printf_spec spec,const char * fmt)2200 char *fwnode_string(char *buf, char *end, struct fwnode_handle *fwnode,
2201 		    struct printf_spec spec, const char *fmt)
2202 {
2203 	struct printf_spec str_spec = spec;
2204 	char *buf_start = buf;
2205 
2206 	str_spec.field_width = -1;
2207 
2208 	if (*fmt != 'w')
2209 		return error_string(buf, end, "(%pf?)", spec);
2210 
2211 	if (check_pointer(&buf, end, fwnode, spec))
2212 		return buf;
2213 
2214 	fmt++;
2215 
2216 	switch (*fmt) {
2217 	case 'P':	/* name */
2218 		buf = string(buf, end, fwnode_get_name(fwnode), str_spec);
2219 		break;
2220 	case 'f':	/* full_name */
2221 	default:
2222 		buf = fwnode_full_name_string(fwnode, buf, end);
2223 		break;
2224 	}
2225 
2226 	return widen_string(buf, buf - buf_start, end, spec);
2227 }
2228 
no_hash_pointers_enable(char * str)2229 int __init no_hash_pointers_enable(char *str)
2230 {
2231 	if (no_hash_pointers)
2232 		return 0;
2233 
2234 	no_hash_pointers = true;
2235 
2236 	pr_warn("**********************************************************\n");
2237 	pr_warn("**   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **\n");
2238 	pr_warn("**                                                      **\n");
2239 	pr_warn("** This system shows unhashed kernel memory addresses   **\n");
2240 	pr_warn("** via the console, logs, and other interfaces. This    **\n");
2241 	pr_warn("** might reduce the security of your system.            **\n");
2242 	pr_warn("**                                                      **\n");
2243 	pr_warn("** If you see this message and you are not debugging    **\n");
2244 	pr_warn("** the kernel, report this immediately to your system   **\n");
2245 	pr_warn("** administrator!                                       **\n");
2246 	pr_warn("**                                                      **\n");
2247 	pr_warn("**   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **\n");
2248 	pr_warn("**********************************************************\n");
2249 
2250 	return 0;
2251 }
2252 early_param("no_hash_pointers", no_hash_pointers_enable);
2253 
2254 /* Used for Rust formatting ('%pA'). */
2255 char *rust_fmt_argument(char *buf, char *end, void *ptr);
2256 
2257 /*
2258  * Show a '%p' thing.  A kernel extension is that the '%p' is followed
2259  * by an extra set of alphanumeric characters that are extended format
2260  * specifiers.
2261  *
2262  * Please update scripts/checkpatch.pl when adding/removing conversion
2263  * characters.  (Search for "check for vsprintf extension").
2264  *
2265  * Right now we handle:
2266  *
2267  * - 'S' For symbolic direct pointers (or function descriptors) with offset
2268  * - 's' For symbolic direct pointers (or function descriptors) without offset
2269  * - '[Ss]R' as above with __builtin_extract_return_addr() translation
2270  * - 'S[R]b' as above with module build ID (for use in backtraces)
2271  * - '[Ff]' %pf and %pF were obsoleted and later removed in favor of
2272  *	    %ps and %pS. Be careful when re-using these specifiers.
2273  * - 'B' For backtraced symbolic direct pointers with offset
2274  * - 'Bb' as above with module build ID (for use in backtraces)
2275  * - 'R' For decoded struct resource, e.g., [mem 0x0-0x1f 64bit pref]
2276  * - 'r' For raw struct resource, e.g., [mem 0x0-0x1f flags 0x201]
2277  * - 'b[l]' For a bitmap, the number of bits is determined by the field
2278  *       width which must be explicitly specified either as part of the
2279  *       format string '%32b[l]' or through '%*b[l]', [l] selects
2280  *       range-list format instead of hex format
2281  * - 'M' For a 6-byte MAC address, it prints the address in the
2282  *       usual colon-separated hex notation
2283  * - 'm' For a 6-byte MAC address, it prints the hex address without colons
2284  * - 'MF' For a 6-byte MAC FDDI address, it prints the address
2285  *       with a dash-separated hex notation
2286  * - '[mM]R' For a 6-byte MAC address, Reverse order (Bluetooth)
2287  * - 'I' [46] for IPv4/IPv6 addresses printed in the usual way
2288  *       IPv4 uses dot-separated decimal without leading 0's (1.2.3.4)
2289  *       IPv6 uses colon separated network-order 16 bit hex with leading 0's
2290  *       [S][pfs]
2291  *       Generic IPv4/IPv6 address (struct sockaddr *) that falls back to
2292  *       [4] or [6] and is able to print port [p], flowinfo [f], scope [s]
2293  * - 'i' [46] for 'raw' IPv4/IPv6 addresses
2294  *       IPv6 omits the colons (01020304...0f)
2295  *       IPv4 uses dot-separated decimal with leading 0's (010.123.045.006)
2296  *       [S][pfs]
2297  *       Generic IPv4/IPv6 address (struct sockaddr *) that falls back to
2298  *       [4] or [6] and is able to print port [p], flowinfo [f], scope [s]
2299  * - '[Ii][4S][hnbl]' IPv4 addresses in host, network, big or little endian order
2300  * - 'I[6S]c' for IPv6 addresses printed as specified by
2301  *       https://tools.ietf.org/html/rfc5952
2302  * - 'E[achnops]' For an escaped buffer, where rules are defined by combination
2303  *                of the following flags (see string_escape_mem() for the
2304  *                details):
2305  *                  a - ESCAPE_ANY
2306  *                  c - ESCAPE_SPECIAL
2307  *                  h - ESCAPE_HEX
2308  *                  n - ESCAPE_NULL
2309  *                  o - ESCAPE_OCTAL
2310  *                  p - ESCAPE_NP
2311  *                  s - ESCAPE_SPACE
2312  *                By default ESCAPE_ANY_NP is used.
2313  * - 'U' For a 16 byte UUID/GUID, it prints the UUID/GUID in the form
2314  *       "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
2315  *       Options for %pU are:
2316  *         b big endian lower case hex (default)
2317  *         B big endian UPPER case hex
2318  *         l little endian lower case hex
2319  *         L little endian UPPER case hex
2320  *           big endian output byte order is:
2321  *             [0][1][2][3]-[4][5]-[6][7]-[8][9]-[10][11][12][13][14][15]
2322  *           little endian output byte order is:
2323  *             [3][2][1][0]-[5][4]-[7][6]-[8][9]-[10][11][12][13][14][15]
2324  * - 'V' For a struct va_format which contains a format string * and va_list *,
2325  *       call vsnprintf(->format, *->va_list).
2326  *       Implements a "recursive vsnprintf".
2327  *       Do not use this feature without some mechanism to verify the
2328  *       correctness of the format string and va_list arguments.
2329  * - 'K' For a kernel pointer that should be hidden from unprivileged users.
2330  *       Use only for procfs, sysfs and similar files, not printk(); please
2331  *       read the documentation (path below) first.
2332  * - 'NF' For a netdev_features_t
2333  * - '4cc' V4L2 or DRM FourCC code, with endianness and raw numerical value.
2334  * - 'h[CDN]' For a variable-length buffer, it prints it as a hex string with
2335  *            a certain separator (' ' by default):
2336  *              C colon
2337  *              D dash
2338  *              N no separator
2339  *            The maximum supported length is 64 bytes of the input. Consider
2340  *            to use print_hex_dump() for the larger input.
2341  * - 'a[pd]' For address types [p] phys_addr_t, [d] dma_addr_t and derivatives
2342  *           (default assumed to be phys_addr_t, passed by reference)
2343  * - 'd[234]' For a dentry name (optionally 2-4 last components)
2344  * - 'D[234]' Same as 'd' but for a struct file
2345  * - 'g' For block_device name (gendisk + partition number)
2346  * - 't[RT][dt][r][s]' For time and date as represented by:
2347  *      R    struct rtc_time
2348  *      T    time64_t
2349  * - 'C' For a clock, it prints the name (Common Clock Framework) or address
2350  *       (legacy clock framework) of the clock
2351  * - 'Cn' For a clock, it prints the name (Common Clock Framework) or address
2352  *        (legacy clock framework) of the clock
2353  * - 'G' For flags to be printed as a collection of symbolic strings that would
2354  *       construct the specific value. Supported flags given by option:
2355  *       p page flags (see struct page) given as pointer to unsigned long
2356  *       g gfp flags (GFP_* and __GFP_*) given as pointer to gfp_t
2357  *       v vma flags (VM_*) given as pointer to unsigned long
2358  * - 'OF[fnpPcCF]'  For a device tree object
2359  *                  Without any optional arguments prints the full_name
2360  *                  f device node full_name
2361  *                  n device node name
2362  *                  p device node phandle
2363  *                  P device node path spec (name + @unit)
2364  *                  F device node flags
2365  *                  c major compatible string
2366  *                  C full compatible string
2367  * - 'fw[fP]'	For a firmware node (struct fwnode_handle) pointer
2368  *		Without an option prints the full name of the node
2369  *		f full name
2370  *		P node name, including a possible unit address
2371  * - 'x' For printing the address unmodified. Equivalent to "%lx".
2372  *       Please read the documentation (path below) before using!
2373  * - '[ku]s' For a BPF/tracing related format specifier, e.g. used out of
2374  *           bpf_trace_printk() where [ku] prefix specifies either kernel (k)
2375  *           or user (u) memory to probe, and:
2376  *              s a string, equivalent to "%s" on direct vsnprintf() use
2377  *
2378  * ** When making changes please also update:
2379  *	Documentation/core-api/printk-formats.rst
2380  *
2381  * Note: The default behaviour (unadorned %p) is to hash the address,
2382  * rendering it useful as a unique identifier.
2383  *
2384  * There is also a '%pA' format specifier, but it is only intended to be used
2385  * from Rust code to format core::fmt::Arguments. Do *not* use it from C.
2386  * See rust/kernel/print.rs for details.
2387  */
2388 static noinline_for_stack
pointer(const char * fmt,char * buf,char * end,void * ptr,struct printf_spec spec)2389 char *pointer(const char *fmt, char *buf, char *end, void *ptr,
2390 	      struct printf_spec spec)
2391 {
2392 	switch (*fmt) {
2393 	case 'S':
2394 	case 's':
2395 		ptr = dereference_symbol_descriptor(ptr);
2396 		fallthrough;
2397 	case 'B':
2398 		return symbol_string(buf, end, ptr, spec, fmt);
2399 	case 'R':
2400 	case 'r':
2401 		return resource_string(buf, end, ptr, spec, fmt);
2402 	case 'h':
2403 		return hex_string(buf, end, ptr, spec, fmt);
2404 	case 'b':
2405 		switch (fmt[1]) {
2406 		case 'l':
2407 			return bitmap_list_string(buf, end, ptr, spec, fmt);
2408 		default:
2409 			return bitmap_string(buf, end, ptr, spec, fmt);
2410 		}
2411 	case 'M':			/* Colon separated: 00:01:02:03:04:05 */
2412 	case 'm':			/* Contiguous: 000102030405 */
2413 					/* [mM]F (FDDI) */
2414 					/* [mM]R (Reverse order; Bluetooth) */
2415 		return mac_address_string(buf, end, ptr, spec, fmt);
2416 	case 'I':			/* Formatted IP supported
2417 					 * 4:	1.2.3.4
2418 					 * 6:	0001:0203:...:0708
2419 					 * 6c:	1::708 or 1::1.2.3.4
2420 					 */
2421 	case 'i':			/* Contiguous:
2422 					 * 4:	001.002.003.004
2423 					 * 6:   000102...0f
2424 					 */
2425 		return ip_addr_string(buf, end, ptr, spec, fmt);
2426 	case 'E':
2427 		return escaped_string(buf, end, ptr, spec, fmt);
2428 	case 'U':
2429 		return uuid_string(buf, end, ptr, spec, fmt);
2430 	case 'V':
2431 		return va_format(buf, end, ptr, spec, fmt);
2432 	case 'K':
2433 		return restricted_pointer(buf, end, ptr, spec);
2434 	case 'N':
2435 		return netdev_bits(buf, end, ptr, spec, fmt);
2436 	case '4':
2437 		return fourcc_string(buf, end, ptr, spec, fmt);
2438 	case 'a':
2439 		return address_val(buf, end, ptr, spec, fmt);
2440 	case 'd':
2441 		return dentry_name(buf, end, ptr, spec, fmt);
2442 	case 't':
2443 		return time_and_date(buf, end, ptr, spec, fmt);
2444 	case 'C':
2445 		return clock(buf, end, ptr, spec, fmt);
2446 	case 'D':
2447 		return file_dentry_name(buf, end, ptr, spec, fmt);
2448 #ifdef CONFIG_BLOCK
2449 	case 'g':
2450 		return bdev_name(buf, end, ptr, spec, fmt);
2451 #endif
2452 
2453 	case 'G':
2454 		return flags_string(buf, end, ptr, spec, fmt);
2455 	case 'O':
2456 		return device_node_string(buf, end, ptr, spec, fmt + 1);
2457 	case 'f':
2458 		return fwnode_string(buf, end, ptr, spec, fmt + 1);
2459 	case 'A':
2460 		if (!IS_ENABLED(CONFIG_RUST)) {
2461 			WARN_ONCE(1, "Please remove %%pA from non-Rust code\n");
2462 			return error_string(buf, end, "(%pA?)", spec);
2463 		}
2464 		return rust_fmt_argument(buf, end, ptr);
2465 	case 'x':
2466 		return pointer_string(buf, end, ptr, spec);
2467 	case 'e':
2468 		/* %pe with a non-ERR_PTR gets treated as plain %p */
2469 		if (!IS_ERR(ptr))
2470 			return default_pointer(buf, end, ptr, spec);
2471 		return err_ptr(buf, end, ptr, spec);
2472 	case 'u':
2473 	case 'k':
2474 		switch (fmt[1]) {
2475 		case 's':
2476 			return string(buf, end, ptr, spec);
2477 		default:
2478 			return error_string(buf, end, "(einval)", spec);
2479 		}
2480 	default:
2481 		return default_pointer(buf, end, ptr, spec);
2482 	}
2483 }
2484 
2485 /*
2486  * Helper function to decode printf style format.
2487  * Each call decode a token from the format and return the
2488  * number of characters read (or likely the delta where it wants
2489  * to go on the next call).
2490  * The decoded token is returned through the parameters
2491  *
2492  * 'h', 'l', or 'L' for integer fields
2493  * 'z' support added 23/7/1999 S.H.
2494  * 'z' changed to 'Z' --davidm 1/25/99
2495  * 'Z' changed to 'z' --adobriyan 2017-01-25
2496  * 't' added for ptrdiff_t
2497  *
2498  * @fmt: the format string
2499  * @type of the token returned
2500  * @flags: various flags such as +, -, # tokens..
2501  * @field_width: overwritten width
2502  * @base: base of the number (octal, hex, ...)
2503  * @precision: precision of a number
2504  * @qualifier: qualifier of a number (long, size_t, ...)
2505  */
2506 static noinline_for_stack
format_decode(const char * fmt,struct printf_spec * spec)2507 int format_decode(const char *fmt, struct printf_spec *spec)
2508 {
2509 	const char *start = fmt;
2510 	char qualifier;
2511 
2512 	/* we finished early by reading the field width */
2513 	if (spec->type == FORMAT_TYPE_WIDTH) {
2514 		if (spec->field_width < 0) {
2515 			spec->field_width = -spec->field_width;
2516 			spec->flags |= LEFT;
2517 		}
2518 		spec->type = FORMAT_TYPE_NONE;
2519 		goto precision;
2520 	}
2521 
2522 	/* we finished early by reading the precision */
2523 	if (spec->type == FORMAT_TYPE_PRECISION) {
2524 		if (spec->precision < 0)
2525 			spec->precision = 0;
2526 
2527 		spec->type = FORMAT_TYPE_NONE;
2528 		goto qualifier;
2529 	}
2530 
2531 	/* By default */
2532 	spec->type = FORMAT_TYPE_NONE;
2533 
2534 	for (; *fmt ; ++fmt) {
2535 		if (*fmt == '%')
2536 			break;
2537 	}
2538 
2539 	/* Return the current non-format string */
2540 	if (fmt != start || !*fmt)
2541 		return fmt - start;
2542 
2543 	/* Process flags */
2544 	spec->flags = 0;
2545 
2546 	while (1) { /* this also skips first '%' */
2547 		bool found = true;
2548 
2549 		++fmt;
2550 
2551 		switch (*fmt) {
2552 		case '-': spec->flags |= LEFT;    break;
2553 		case '+': spec->flags |= PLUS;    break;
2554 		case ' ': spec->flags |= SPACE;   break;
2555 		case '#': spec->flags |= SPECIAL; break;
2556 		case '0': spec->flags |= ZEROPAD; break;
2557 		default:  found = false;
2558 		}
2559 
2560 		if (!found)
2561 			break;
2562 	}
2563 
2564 	/* get field width */
2565 	spec->field_width = -1;
2566 
2567 	if (isdigit(*fmt))
2568 		spec->field_width = skip_atoi(&fmt);
2569 	else if (*fmt == '*') {
2570 		/* it's the next argument */
2571 		spec->type = FORMAT_TYPE_WIDTH;
2572 		return ++fmt - start;
2573 	}
2574 
2575 precision:
2576 	/* get the precision */
2577 	spec->precision = -1;
2578 	if (*fmt == '.') {
2579 		++fmt;
2580 		if (isdigit(*fmt)) {
2581 			spec->precision = skip_atoi(&fmt);
2582 			if (spec->precision < 0)
2583 				spec->precision = 0;
2584 		} else if (*fmt == '*') {
2585 			/* it's the next argument */
2586 			spec->type = FORMAT_TYPE_PRECISION;
2587 			return ++fmt - start;
2588 		}
2589 	}
2590 
2591 qualifier:
2592 	/* get the conversion qualifier */
2593 	qualifier = 0;
2594 	if (*fmt == 'h' || _tolower(*fmt) == 'l' ||
2595 	    *fmt == 'z' || *fmt == 't') {
2596 		qualifier = *fmt++;
2597 		if (unlikely(qualifier == *fmt)) {
2598 			if (qualifier == 'l') {
2599 				qualifier = 'L';
2600 				++fmt;
2601 			} else if (qualifier == 'h') {
2602 				qualifier = 'H';
2603 				++fmt;
2604 			}
2605 		}
2606 	}
2607 
2608 	/* default base */
2609 	spec->base = 10;
2610 	switch (*fmt) {
2611 	case 'c':
2612 		spec->type = FORMAT_TYPE_CHAR;
2613 		return ++fmt - start;
2614 
2615 	case 's':
2616 		spec->type = FORMAT_TYPE_STR;
2617 		return ++fmt - start;
2618 
2619 	case 'p':
2620 		spec->type = FORMAT_TYPE_PTR;
2621 		return ++fmt - start;
2622 
2623 	case '%':
2624 		spec->type = FORMAT_TYPE_PERCENT_CHAR;
2625 		return ++fmt - start;
2626 
2627 	/* integer number formats - set up the flags and "break" */
2628 	case 'o':
2629 		spec->base = 8;
2630 		break;
2631 
2632 	case 'x':
2633 		spec->flags |= SMALL;
2634 		fallthrough;
2635 
2636 	case 'X':
2637 		spec->base = 16;
2638 		break;
2639 
2640 	case 'd':
2641 	case 'i':
2642 		spec->flags |= SIGN;
2643 		break;
2644 	case 'u':
2645 		break;
2646 
2647 	case 'n':
2648 		/*
2649 		 * Since %n poses a greater security risk than
2650 		 * utility, treat it as any other invalid or
2651 		 * unsupported format specifier.
2652 		 */
2653 		fallthrough;
2654 
2655 	default:
2656 		WARN_ONCE(1, "Please remove unsupported %%%c in format string\n", *fmt);
2657 		spec->type = FORMAT_TYPE_INVALID;
2658 		return fmt - start;
2659 	}
2660 
2661 	if (qualifier == 'L')
2662 		spec->type = FORMAT_TYPE_LONG_LONG;
2663 	else if (qualifier == 'l') {
2664 		BUILD_BUG_ON(FORMAT_TYPE_ULONG + SIGN != FORMAT_TYPE_LONG);
2665 		spec->type = FORMAT_TYPE_ULONG + (spec->flags & SIGN);
2666 	} else if (qualifier == 'z') {
2667 		spec->type = FORMAT_TYPE_SIZE_T;
2668 	} else if (qualifier == 't') {
2669 		spec->type = FORMAT_TYPE_PTRDIFF;
2670 	} else if (qualifier == 'H') {
2671 		BUILD_BUG_ON(FORMAT_TYPE_UBYTE + SIGN != FORMAT_TYPE_BYTE);
2672 		spec->type = FORMAT_TYPE_UBYTE + (spec->flags & SIGN);
2673 	} else if (qualifier == 'h') {
2674 		BUILD_BUG_ON(FORMAT_TYPE_USHORT + SIGN != FORMAT_TYPE_SHORT);
2675 		spec->type = FORMAT_TYPE_USHORT + (spec->flags & SIGN);
2676 	} else {
2677 		BUILD_BUG_ON(FORMAT_TYPE_UINT + SIGN != FORMAT_TYPE_INT);
2678 		spec->type = FORMAT_TYPE_UINT + (spec->flags & SIGN);
2679 	}
2680 
2681 	return ++fmt - start;
2682 }
2683 
2684 static void
set_field_width(struct printf_spec * spec,int width)2685 set_field_width(struct printf_spec *spec, int width)
2686 {
2687 	spec->field_width = width;
2688 	if (WARN_ONCE(spec->field_width != width, "field width %d too large", width)) {
2689 		spec->field_width = clamp(width, -FIELD_WIDTH_MAX, FIELD_WIDTH_MAX);
2690 	}
2691 }
2692 
2693 static void
set_precision(struct printf_spec * spec,int prec)2694 set_precision(struct printf_spec *spec, int prec)
2695 {
2696 	spec->precision = prec;
2697 	if (WARN_ONCE(spec->precision != prec, "precision %d too large", prec)) {
2698 		spec->precision = clamp(prec, 0, PRECISION_MAX);
2699 	}
2700 }
2701 
2702 /**
2703  * vsnprintf - Format a string and place it in a buffer
2704  * @buf: The buffer to place the result into
2705  * @size: The size of the buffer, including the trailing null space
2706  * @fmt: The format string to use
2707  * @args: Arguments for the format string
2708  *
2709  * This function generally follows C99 vsnprintf, but has some
2710  * extensions and a few limitations:
2711  *
2712  *  - ``%n`` is unsupported
2713  *  - ``%p*`` is handled by pointer()
2714  *
2715  * See pointer() or Documentation/core-api/printk-formats.rst for more
2716  * extensive description.
2717  *
2718  * **Please update the documentation in both places when making changes**
2719  *
2720  * The return value is the number of characters which would
2721  * be generated for the given input, excluding the trailing
2722  * '\0', as per ISO C99. If you want to have the exact
2723  * number of characters written into @buf as return value
2724  * (not including the trailing '\0'), use vscnprintf(). If the
2725  * return is greater than or equal to @size, the resulting
2726  * string is truncated.
2727  *
2728  * If you're not already dealing with a va_list consider using snprintf().
2729  */
vsnprintf(char * buf,size_t size,const char * fmt,va_list args)2730 int vsnprintf(char *buf, size_t size, const char *fmt, va_list args)
2731 {
2732 	unsigned long long num;
2733 	char *str, *end;
2734 	struct printf_spec spec = {0};
2735 
2736 	/* Reject out-of-range values early.  Large positive sizes are
2737 	   used for unknown buffer sizes. */
2738 	if (WARN_ON_ONCE(size > INT_MAX))
2739 		return 0;
2740 
2741 	str = buf;
2742 	end = buf + size;
2743 
2744 	/* Make sure end is always >= buf */
2745 	if (end < buf) {
2746 		end = ((void *)-1);
2747 		size = end - buf;
2748 	}
2749 
2750 	while (*fmt) {
2751 		const char *old_fmt = fmt;
2752 		int read = format_decode(fmt, &spec);
2753 
2754 		fmt += read;
2755 
2756 		switch (spec.type) {
2757 		case FORMAT_TYPE_NONE: {
2758 			int copy = read;
2759 			if (str < end) {
2760 				if (copy > end - str)
2761 					copy = end - str;
2762 				memcpy(str, old_fmt, copy);
2763 			}
2764 			str += read;
2765 			break;
2766 		}
2767 
2768 		case FORMAT_TYPE_WIDTH:
2769 			set_field_width(&spec, va_arg(args, int));
2770 			break;
2771 
2772 		case FORMAT_TYPE_PRECISION:
2773 			set_precision(&spec, va_arg(args, int));
2774 			break;
2775 
2776 		case FORMAT_TYPE_CHAR: {
2777 			char c;
2778 
2779 			if (!(spec.flags & LEFT)) {
2780 				while (--spec.field_width > 0) {
2781 					if (str < end)
2782 						*str = ' ';
2783 					++str;
2784 
2785 				}
2786 			}
2787 			c = (unsigned char) va_arg(args, int);
2788 			if (str < end)
2789 				*str = c;
2790 			++str;
2791 			while (--spec.field_width > 0) {
2792 				if (str < end)
2793 					*str = ' ';
2794 				++str;
2795 			}
2796 			break;
2797 		}
2798 
2799 		case FORMAT_TYPE_STR:
2800 			str = string(str, end, va_arg(args, char *), spec);
2801 			break;
2802 
2803 		case FORMAT_TYPE_PTR:
2804 			str = pointer(fmt, str, end, va_arg(args, void *),
2805 				      spec);
2806 			while (isalnum(*fmt))
2807 				fmt++;
2808 			break;
2809 
2810 		case FORMAT_TYPE_PERCENT_CHAR:
2811 			if (str < end)
2812 				*str = '%';
2813 			++str;
2814 			break;
2815 
2816 		case FORMAT_TYPE_INVALID:
2817 			/*
2818 			 * Presumably the arguments passed gcc's type
2819 			 * checking, but there is no safe or sane way
2820 			 * for us to continue parsing the format and
2821 			 * fetching from the va_list; the remaining
2822 			 * specifiers and arguments would be out of
2823 			 * sync.
2824 			 */
2825 			goto out;
2826 
2827 		default:
2828 			switch (spec.type) {
2829 			case FORMAT_TYPE_LONG_LONG:
2830 				num = va_arg(args, long long);
2831 				break;
2832 			case FORMAT_TYPE_ULONG:
2833 				num = va_arg(args, unsigned long);
2834 				break;
2835 			case FORMAT_TYPE_LONG:
2836 				num = va_arg(args, long);
2837 				break;
2838 			case FORMAT_TYPE_SIZE_T:
2839 				if (spec.flags & SIGN)
2840 					num = va_arg(args, ssize_t);
2841 				else
2842 					num = va_arg(args, size_t);
2843 				break;
2844 			case FORMAT_TYPE_PTRDIFF:
2845 				num = va_arg(args, ptrdiff_t);
2846 				break;
2847 			case FORMAT_TYPE_UBYTE:
2848 				num = (unsigned char) va_arg(args, int);
2849 				break;
2850 			case FORMAT_TYPE_BYTE:
2851 				num = (signed char) va_arg(args, int);
2852 				break;
2853 			case FORMAT_TYPE_USHORT:
2854 				num = (unsigned short) va_arg(args, int);
2855 				break;
2856 			case FORMAT_TYPE_SHORT:
2857 				num = (short) va_arg(args, int);
2858 				break;
2859 			case FORMAT_TYPE_INT:
2860 				num = (int) va_arg(args, int);
2861 				break;
2862 			default:
2863 				num = va_arg(args, unsigned int);
2864 			}
2865 
2866 			str = number(str, end, num, spec);
2867 		}
2868 	}
2869 
2870 out:
2871 	if (size > 0) {
2872 		if (str < end)
2873 			*str = '\0';
2874 		else
2875 			end[-1] = '\0';
2876 	}
2877 
2878 	/* the trailing null byte doesn't count towards the total */
2879 	return str-buf;
2880 
2881 }
2882 EXPORT_SYMBOL(vsnprintf);
2883 
2884 /**
2885  * vscnprintf - Format a string and place it in a buffer
2886  * @buf: The buffer to place the result into
2887  * @size: The size of the buffer, including the trailing null space
2888  * @fmt: The format string to use
2889  * @args: Arguments for the format string
2890  *
2891  * The return value is the number of characters which have been written into
2892  * the @buf not including the trailing '\0'. If @size is == 0 the function
2893  * returns 0.
2894  *
2895  * If you're not already dealing with a va_list consider using scnprintf().
2896  *
2897  * See the vsnprintf() documentation for format string extensions over C99.
2898  */
vscnprintf(char * buf,size_t size,const char * fmt,va_list args)2899 int vscnprintf(char *buf, size_t size, const char *fmt, va_list args)
2900 {
2901 	int i;
2902 
2903 	if (unlikely(!size))
2904 		return 0;
2905 
2906 	i = vsnprintf(buf, size, fmt, args);
2907 
2908 	if (likely(i < size))
2909 		return i;
2910 
2911 	return size - 1;
2912 }
2913 EXPORT_SYMBOL(vscnprintf);
2914 
2915 /**
2916  * snprintf - Format a string and place it in a buffer
2917  * @buf: The buffer to place the result into
2918  * @size: The size of the buffer, including the trailing null space
2919  * @fmt: The format string to use
2920  * @...: Arguments for the format string
2921  *
2922  * The return value is the number of characters which would be
2923  * generated for the given input, excluding the trailing null,
2924  * as per ISO C99.  If the return is greater than or equal to
2925  * @size, the resulting string is truncated.
2926  *
2927  * See the vsnprintf() documentation for format string extensions over C99.
2928  */
snprintf(char * buf,size_t size,const char * fmt,...)2929 int snprintf(char *buf, size_t size, const char *fmt, ...)
2930 {
2931 	va_list args;
2932 	int i;
2933 
2934 	va_start(args, fmt);
2935 	i = vsnprintf(buf, size, fmt, args);
2936 	va_end(args);
2937 
2938 	return i;
2939 }
2940 EXPORT_SYMBOL(snprintf);
2941 
2942 /**
2943  * scnprintf - Format a string and place it in a buffer
2944  * @buf: The buffer to place the result into
2945  * @size: The size of the buffer, including the trailing null space
2946  * @fmt: The format string to use
2947  * @...: Arguments for the format string
2948  *
2949  * The return value is the number of characters written into @buf not including
2950  * the trailing '\0'. If @size is == 0 the function returns 0.
2951  */
2952 
scnprintf(char * buf,size_t size,const char * fmt,...)2953 int scnprintf(char *buf, size_t size, const char *fmt, ...)
2954 {
2955 	va_list args;
2956 	int i;
2957 
2958 	va_start(args, fmt);
2959 	i = vscnprintf(buf, size, fmt, args);
2960 	va_end(args);
2961 
2962 	return i;
2963 }
2964 EXPORT_SYMBOL(scnprintf);
2965 
2966 /**
2967  * vsprintf - Format a string and place it in a buffer
2968  * @buf: The buffer to place the result into
2969  * @fmt: The format string to use
2970  * @args: Arguments for the format string
2971  *
2972  * The function returns the number of characters written
2973  * into @buf. Use vsnprintf() or vscnprintf() in order to avoid
2974  * buffer overflows.
2975  *
2976  * If you're not already dealing with a va_list consider using sprintf().
2977  *
2978  * See the vsnprintf() documentation for format string extensions over C99.
2979  */
vsprintf(char * buf,const char * fmt,va_list args)2980 int vsprintf(char *buf, const char *fmt, va_list args)
2981 {
2982 	return vsnprintf(buf, INT_MAX, fmt, args);
2983 }
2984 EXPORT_SYMBOL(vsprintf);
2985 
2986 /**
2987  * sprintf - Format a string and place it in a buffer
2988  * @buf: The buffer to place the result into
2989  * @fmt: The format string to use
2990  * @...: Arguments for the format string
2991  *
2992  * The function returns the number of characters written
2993  * into @buf. Use snprintf() or scnprintf() in order to avoid
2994  * buffer overflows.
2995  *
2996  * See the vsnprintf() documentation for format string extensions over C99.
2997  */
sprintf(char * buf,const char * fmt,...)2998 int sprintf(char *buf, const char *fmt, ...)
2999 {
3000 	va_list args;
3001 	int i;
3002 
3003 	va_start(args, fmt);
3004 	i = vsnprintf(buf, INT_MAX, fmt, args);
3005 	va_end(args);
3006 
3007 	return i;
3008 }
3009 EXPORT_SYMBOL(sprintf);
3010 
3011 #ifdef CONFIG_BINARY_PRINTF
3012 /*
3013  * bprintf service:
3014  * vbin_printf() - VA arguments to binary data
3015  * bstr_printf() - Binary data to text string
3016  */
3017 
3018 /**
3019  * vbin_printf - Parse a format string and place args' binary value in a buffer
3020  * @bin_buf: The buffer to place args' binary value
3021  * @size: The size of the buffer(by words(32bits), not characters)
3022  * @fmt: The format string to use
3023  * @args: Arguments for the format string
3024  *
3025  * The format follows C99 vsnprintf, except %n is ignored, and its argument
3026  * is skipped.
3027  *
3028  * The return value is the number of words(32bits) which would be generated for
3029  * the given input.
3030  *
3031  * NOTE:
3032  * If the return value is greater than @size, the resulting bin_buf is NOT
3033  * valid for bstr_printf().
3034  */
vbin_printf(u32 * bin_buf,size_t size,const char * fmt,va_list args)3035 int vbin_printf(u32 *bin_buf, size_t size, const char *fmt, va_list args)
3036 {
3037 	struct printf_spec spec = {0};
3038 	char *str, *end;
3039 	int width;
3040 
3041 	str = (char *)bin_buf;
3042 	end = (char *)(bin_buf + size);
3043 
3044 #define save_arg(type)							\
3045 ({									\
3046 	unsigned long long value;					\
3047 	if (sizeof(type) == 8) {					\
3048 		unsigned long long val8;				\
3049 		str = PTR_ALIGN(str, sizeof(u32));			\
3050 		val8 = va_arg(args, unsigned long long);		\
3051 		if (str + sizeof(type) <= end) {			\
3052 			*(u32 *)str = *(u32 *)&val8;			\
3053 			*(u32 *)(str + 4) = *((u32 *)&val8 + 1);	\
3054 		}							\
3055 		value = val8;						\
3056 	} else {							\
3057 		unsigned int val4;					\
3058 		str = PTR_ALIGN(str, sizeof(type));			\
3059 		val4 = va_arg(args, int);				\
3060 		if (str + sizeof(type) <= end)				\
3061 			*(typeof(type) *)str = (type)(long)val4;	\
3062 		value = (unsigned long long)val4;			\
3063 	}								\
3064 	str += sizeof(type);						\
3065 	value;								\
3066 })
3067 
3068 	while (*fmt) {
3069 		int read = format_decode(fmt, &spec);
3070 
3071 		fmt += read;
3072 
3073 		switch (spec.type) {
3074 		case FORMAT_TYPE_NONE:
3075 		case FORMAT_TYPE_PERCENT_CHAR:
3076 			break;
3077 		case FORMAT_TYPE_INVALID:
3078 			goto out;
3079 
3080 		case FORMAT_TYPE_WIDTH:
3081 		case FORMAT_TYPE_PRECISION:
3082 			width = (int)save_arg(int);
3083 			/* Pointers may require the width */
3084 			if (*fmt == 'p')
3085 				set_field_width(&spec, width);
3086 			break;
3087 
3088 		case FORMAT_TYPE_CHAR:
3089 			save_arg(char);
3090 			break;
3091 
3092 		case FORMAT_TYPE_STR: {
3093 			const char *save_str = va_arg(args, char *);
3094 			const char *err_msg;
3095 			size_t len;
3096 
3097 			err_msg = check_pointer_msg(save_str);
3098 			if (err_msg)
3099 				save_str = err_msg;
3100 
3101 			len = strlen(save_str) + 1;
3102 			if (str + len < end)
3103 				memcpy(str, save_str, len);
3104 			str += len;
3105 			break;
3106 		}
3107 
3108 		case FORMAT_TYPE_PTR:
3109 			/* Dereferenced pointers must be done now */
3110 			switch (*fmt) {
3111 			/* Dereference of functions is still OK */
3112 			case 'S':
3113 			case 's':
3114 			case 'x':
3115 			case 'K':
3116 			case 'e':
3117 				save_arg(void *);
3118 				break;
3119 			default:
3120 				if (!isalnum(*fmt)) {
3121 					save_arg(void *);
3122 					break;
3123 				}
3124 				str = pointer(fmt, str, end, va_arg(args, void *),
3125 					      spec);
3126 				if (str + 1 < end)
3127 					*str++ = '\0';
3128 				else
3129 					end[-1] = '\0'; /* Must be nul terminated */
3130 			}
3131 			/* skip all alphanumeric pointer suffixes */
3132 			while (isalnum(*fmt))
3133 				fmt++;
3134 			break;
3135 
3136 		default:
3137 			switch (spec.type) {
3138 
3139 			case FORMAT_TYPE_LONG_LONG:
3140 				save_arg(long long);
3141 				break;
3142 			case FORMAT_TYPE_ULONG:
3143 			case FORMAT_TYPE_LONG:
3144 				save_arg(unsigned long);
3145 				break;
3146 			case FORMAT_TYPE_SIZE_T:
3147 				save_arg(size_t);
3148 				break;
3149 			case FORMAT_TYPE_PTRDIFF:
3150 				save_arg(ptrdiff_t);
3151 				break;
3152 			case FORMAT_TYPE_UBYTE:
3153 			case FORMAT_TYPE_BYTE:
3154 				save_arg(char);
3155 				break;
3156 			case FORMAT_TYPE_USHORT:
3157 			case FORMAT_TYPE_SHORT:
3158 				save_arg(short);
3159 				break;
3160 			default:
3161 				save_arg(int);
3162 			}
3163 		}
3164 	}
3165 
3166 out:
3167 	return (u32 *)(PTR_ALIGN(str, sizeof(u32))) - bin_buf;
3168 #undef save_arg
3169 }
3170 EXPORT_SYMBOL_GPL(vbin_printf);
3171 
3172 /**
3173  * bstr_printf - Format a string from binary arguments and place it in a buffer
3174  * @buf: The buffer to place the result into
3175  * @size: The size of the buffer, including the trailing null space
3176  * @fmt: The format string to use
3177  * @bin_buf: Binary arguments for the format string
3178  *
3179  * This function like C99 vsnprintf, but the difference is that vsnprintf gets
3180  * arguments from stack, and bstr_printf gets arguments from @bin_buf which is
3181  * a binary buffer that generated by vbin_printf.
3182  *
3183  * The format follows C99 vsnprintf, but has some extensions:
3184  *  see vsnprintf comment for details.
3185  *
3186  * The return value is the number of characters which would
3187  * be generated for the given input, excluding the trailing
3188  * '\0', as per ISO C99. If you want to have the exact
3189  * number of characters written into @buf as return value
3190  * (not including the trailing '\0'), use vscnprintf(). If the
3191  * return is greater than or equal to @size, the resulting
3192  * string is truncated.
3193  */
bstr_printf(char * buf,size_t size,const char * fmt,const u32 * bin_buf)3194 int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf)
3195 {
3196 	struct printf_spec spec = {0};
3197 	char *str, *end;
3198 	const char *args = (const char *)bin_buf;
3199 
3200 	if (WARN_ON_ONCE(size > INT_MAX))
3201 		return 0;
3202 
3203 	str = buf;
3204 	end = buf + size;
3205 
3206 #define get_arg(type)							\
3207 ({									\
3208 	typeof(type) value;						\
3209 	if (sizeof(type) == 8) {					\
3210 		args = PTR_ALIGN(args, sizeof(u32));			\
3211 		*(u32 *)&value = *(u32 *)args;				\
3212 		*((u32 *)&value + 1) = *(u32 *)(args + 4);		\
3213 	} else {							\
3214 		args = PTR_ALIGN(args, sizeof(type));			\
3215 		value = *(typeof(type) *)args;				\
3216 	}								\
3217 	args += sizeof(type);						\
3218 	value;								\
3219 })
3220 
3221 	/* Make sure end is always >= buf */
3222 	if (end < buf) {
3223 		end = ((void *)-1);
3224 		size = end - buf;
3225 	}
3226 
3227 	while (*fmt) {
3228 		const char *old_fmt = fmt;
3229 		int read = format_decode(fmt, &spec);
3230 
3231 		fmt += read;
3232 
3233 		switch (spec.type) {
3234 		case FORMAT_TYPE_NONE: {
3235 			int copy = read;
3236 			if (str < end) {
3237 				if (copy > end - str)
3238 					copy = end - str;
3239 				memcpy(str, old_fmt, copy);
3240 			}
3241 			str += read;
3242 			break;
3243 		}
3244 
3245 		case FORMAT_TYPE_WIDTH:
3246 			set_field_width(&spec, get_arg(int));
3247 			break;
3248 
3249 		case FORMAT_TYPE_PRECISION:
3250 			set_precision(&spec, get_arg(int));
3251 			break;
3252 
3253 		case FORMAT_TYPE_CHAR: {
3254 			char c;
3255 
3256 			if (!(spec.flags & LEFT)) {
3257 				while (--spec.field_width > 0) {
3258 					if (str < end)
3259 						*str = ' ';
3260 					++str;
3261 				}
3262 			}
3263 			c = (unsigned char) get_arg(char);
3264 			if (str < end)
3265 				*str = c;
3266 			++str;
3267 			while (--spec.field_width > 0) {
3268 				if (str < end)
3269 					*str = ' ';
3270 				++str;
3271 			}
3272 			break;
3273 		}
3274 
3275 		case FORMAT_TYPE_STR: {
3276 			const char *str_arg = args;
3277 			args += strlen(str_arg) + 1;
3278 			str = string(str, end, (char *)str_arg, spec);
3279 			break;
3280 		}
3281 
3282 		case FORMAT_TYPE_PTR: {
3283 			bool process = false;
3284 			int copy, len;
3285 			/* Non function dereferences were already done */
3286 			switch (*fmt) {
3287 			case 'S':
3288 			case 's':
3289 			case 'x':
3290 			case 'K':
3291 			case 'e':
3292 				process = true;
3293 				break;
3294 			default:
3295 				if (!isalnum(*fmt)) {
3296 					process = true;
3297 					break;
3298 				}
3299 				/* Pointer dereference was already processed */
3300 				if (str < end) {
3301 					len = copy = strlen(args);
3302 					if (copy > end - str)
3303 						copy = end - str;
3304 					memcpy(str, args, copy);
3305 					str += len;
3306 					args += len + 1;
3307 				}
3308 			}
3309 			if (process)
3310 				str = pointer(fmt, str, end, get_arg(void *), spec);
3311 
3312 			while (isalnum(*fmt))
3313 				fmt++;
3314 			break;
3315 		}
3316 
3317 		case FORMAT_TYPE_PERCENT_CHAR:
3318 			if (str < end)
3319 				*str = '%';
3320 			++str;
3321 			break;
3322 
3323 		case FORMAT_TYPE_INVALID:
3324 			goto out;
3325 
3326 		default: {
3327 			unsigned long long num;
3328 
3329 			switch (spec.type) {
3330 
3331 			case FORMAT_TYPE_LONG_LONG:
3332 				num = get_arg(long long);
3333 				break;
3334 			case FORMAT_TYPE_ULONG:
3335 			case FORMAT_TYPE_LONG:
3336 				num = get_arg(unsigned long);
3337 				break;
3338 			case FORMAT_TYPE_SIZE_T:
3339 				num = get_arg(size_t);
3340 				break;
3341 			case FORMAT_TYPE_PTRDIFF:
3342 				num = get_arg(ptrdiff_t);
3343 				break;
3344 			case FORMAT_TYPE_UBYTE:
3345 				num = get_arg(unsigned char);
3346 				break;
3347 			case FORMAT_TYPE_BYTE:
3348 				num = get_arg(signed char);
3349 				break;
3350 			case FORMAT_TYPE_USHORT:
3351 				num = get_arg(unsigned short);
3352 				break;
3353 			case FORMAT_TYPE_SHORT:
3354 				num = get_arg(short);
3355 				break;
3356 			case FORMAT_TYPE_UINT:
3357 				num = get_arg(unsigned int);
3358 				break;
3359 			default:
3360 				num = get_arg(int);
3361 			}
3362 
3363 			str = number(str, end, num, spec);
3364 		} /* default: */
3365 		} /* switch(spec.type) */
3366 	} /* while(*fmt) */
3367 
3368 out:
3369 	if (size > 0) {
3370 		if (str < end)
3371 			*str = '\0';
3372 		else
3373 			end[-1] = '\0';
3374 	}
3375 
3376 #undef get_arg
3377 
3378 	/* the trailing null byte doesn't count towards the total */
3379 	return str - buf;
3380 }
3381 EXPORT_SYMBOL_GPL(bstr_printf);
3382 
3383 /**
3384  * bprintf - Parse a format string and place args' binary value in a buffer
3385  * @bin_buf: The buffer to place args' binary value
3386  * @size: The size of the buffer(by words(32bits), not characters)
3387  * @fmt: The format string to use
3388  * @...: Arguments for the format string
3389  *
3390  * The function returns the number of words(u32) written
3391  * into @bin_buf.
3392  */
bprintf(u32 * bin_buf,size_t size,const char * fmt,...)3393 int bprintf(u32 *bin_buf, size_t size, const char *fmt, ...)
3394 {
3395 	va_list args;
3396 	int ret;
3397 
3398 	va_start(args, fmt);
3399 	ret = vbin_printf(bin_buf, size, fmt, args);
3400 	va_end(args);
3401 
3402 	return ret;
3403 }
3404 EXPORT_SYMBOL_GPL(bprintf);
3405 
3406 #endif /* CONFIG_BINARY_PRINTF */
3407 
3408 /**
3409  * vsscanf - Unformat a buffer into a list of arguments
3410  * @buf:	input buffer
3411  * @fmt:	format of buffer
3412  * @args:	arguments
3413  */
vsscanf(const char * buf,const char * fmt,va_list args)3414 int vsscanf(const char *buf, const char *fmt, va_list args)
3415 {
3416 	const char *str = buf;
3417 	char *next;
3418 	char digit;
3419 	int num = 0;
3420 	u8 qualifier;
3421 	unsigned int base;
3422 	union {
3423 		long long s;
3424 		unsigned long long u;
3425 	} val;
3426 	s16 field_width;
3427 	bool is_sign;
3428 
3429 	while (*fmt) {
3430 		/* skip any white space in format */
3431 		/* white space in format matches any amount of
3432 		 * white space, including none, in the input.
3433 		 */
3434 		if (isspace(*fmt)) {
3435 			fmt = skip_spaces(++fmt);
3436 			str = skip_spaces(str);
3437 		}
3438 
3439 		/* anything that is not a conversion must match exactly */
3440 		if (*fmt != '%' && *fmt) {
3441 			if (*fmt++ != *str++)
3442 				break;
3443 			continue;
3444 		}
3445 
3446 		if (!*fmt)
3447 			break;
3448 		++fmt;
3449 
3450 		/* skip this conversion.
3451 		 * advance both strings to next white space
3452 		 */
3453 		if (*fmt == '*') {
3454 			if (!*str)
3455 				break;
3456 			while (!isspace(*fmt) && *fmt != '%' && *fmt) {
3457 				/* '%*[' not yet supported, invalid format */
3458 				if (*fmt == '[')
3459 					return num;
3460 				fmt++;
3461 			}
3462 			while (!isspace(*str) && *str)
3463 				str++;
3464 			continue;
3465 		}
3466 
3467 		/* get field width */
3468 		field_width = -1;
3469 		if (isdigit(*fmt)) {
3470 			field_width = skip_atoi(&fmt);
3471 			if (field_width <= 0)
3472 				break;
3473 		}
3474 
3475 		/* get conversion qualifier */
3476 		qualifier = -1;
3477 		if (*fmt == 'h' || _tolower(*fmt) == 'l' ||
3478 		    *fmt == 'z') {
3479 			qualifier = *fmt++;
3480 			if (unlikely(qualifier == *fmt)) {
3481 				if (qualifier == 'h') {
3482 					qualifier = 'H';
3483 					fmt++;
3484 				} else if (qualifier == 'l') {
3485 					qualifier = 'L';
3486 					fmt++;
3487 				}
3488 			}
3489 		}
3490 
3491 		if (!*fmt)
3492 			break;
3493 
3494 		if (*fmt == 'n') {
3495 			/* return number of characters read so far */
3496 			*va_arg(args, int *) = str - buf;
3497 			++fmt;
3498 			continue;
3499 		}
3500 
3501 		if (!*str)
3502 			break;
3503 
3504 		base = 10;
3505 		is_sign = false;
3506 
3507 		switch (*fmt++) {
3508 		case 'c':
3509 		{
3510 			char *s = (char *)va_arg(args, char*);
3511 			if (field_width == -1)
3512 				field_width = 1;
3513 			do {
3514 				*s++ = *str++;
3515 			} while (--field_width > 0 && *str);
3516 			num++;
3517 		}
3518 		continue;
3519 		case 's':
3520 		{
3521 			char *s = (char *)va_arg(args, char *);
3522 			if (field_width == -1)
3523 				field_width = SHRT_MAX;
3524 			/* first, skip leading white space in buffer */
3525 			str = skip_spaces(str);
3526 
3527 			/* now copy until next white space */
3528 			while (*str && !isspace(*str) && field_width--)
3529 				*s++ = *str++;
3530 			*s = '\0';
3531 			num++;
3532 		}
3533 		continue;
3534 		/*
3535 		 * Warning: This implementation of the '[' conversion specifier
3536 		 * deviates from its glibc counterpart in the following ways:
3537 		 * (1) It does NOT support ranges i.e. '-' is NOT a special
3538 		 *     character
3539 		 * (2) It cannot match the closing bracket ']' itself
3540 		 * (3) A field width is required
3541 		 * (4) '%*[' (discard matching input) is currently not supported
3542 		 *
3543 		 * Example usage:
3544 		 * ret = sscanf("00:0a:95","%2[^:]:%2[^:]:%2[^:]",
3545 		 *		buf1, buf2, buf3);
3546 		 * if (ret < 3)
3547 		 *    // etc..
3548 		 */
3549 		case '[':
3550 		{
3551 			char *s = (char *)va_arg(args, char *);
3552 			DECLARE_BITMAP(set, 256) = {0};
3553 			unsigned int len = 0;
3554 			bool negate = (*fmt == '^');
3555 
3556 			/* field width is required */
3557 			if (field_width == -1)
3558 				return num;
3559 
3560 			if (negate)
3561 				++fmt;
3562 
3563 			for ( ; *fmt && *fmt != ']'; ++fmt, ++len)
3564 				__set_bit((u8)*fmt, set);
3565 
3566 			/* no ']' or no character set found */
3567 			if (!*fmt || !len)
3568 				return num;
3569 			++fmt;
3570 
3571 			if (negate) {
3572 				bitmap_complement(set, set, 256);
3573 				/* exclude null '\0' byte */
3574 				__clear_bit(0, set);
3575 			}
3576 
3577 			/* match must be non-empty */
3578 			if (!test_bit((u8)*str, set))
3579 				return num;
3580 
3581 			while (test_bit((u8)*str, set) && field_width--)
3582 				*s++ = *str++;
3583 			*s = '\0';
3584 			++num;
3585 		}
3586 		continue;
3587 		case 'o':
3588 			base = 8;
3589 			break;
3590 		case 'x':
3591 		case 'X':
3592 			base = 16;
3593 			break;
3594 		case 'i':
3595 			base = 0;
3596 			fallthrough;
3597 		case 'd':
3598 			is_sign = true;
3599 			fallthrough;
3600 		case 'u':
3601 			break;
3602 		case '%':
3603 			/* looking for '%' in str */
3604 			if (*str++ != '%')
3605 				return num;
3606 			continue;
3607 		default:
3608 			/* invalid format; stop here */
3609 			return num;
3610 		}
3611 
3612 		/* have some sort of integer conversion.
3613 		 * first, skip white space in buffer.
3614 		 */
3615 		str = skip_spaces(str);
3616 
3617 		digit = *str;
3618 		if (is_sign && digit == '-') {
3619 			if (field_width == 1)
3620 				break;
3621 
3622 			digit = *(str + 1);
3623 		}
3624 
3625 		if (!digit
3626 		    || (base == 16 && !isxdigit(digit))
3627 		    || (base == 10 && !isdigit(digit))
3628 		    || (base == 8 && (!isdigit(digit) || digit > '7'))
3629 		    || (base == 0 && !isdigit(digit)))
3630 			break;
3631 
3632 		if (is_sign)
3633 			val.s = simple_strntoll(str,
3634 						field_width >= 0 ? field_width : INT_MAX,
3635 						&next, base);
3636 		else
3637 			val.u = simple_strntoull(str,
3638 						 field_width >= 0 ? field_width : INT_MAX,
3639 						 &next, base);
3640 
3641 		switch (qualifier) {
3642 		case 'H':	/* that's 'hh' in format */
3643 			if (is_sign)
3644 				*va_arg(args, signed char *) = val.s;
3645 			else
3646 				*va_arg(args, unsigned char *) = val.u;
3647 			break;
3648 		case 'h':
3649 			if (is_sign)
3650 				*va_arg(args, short *) = val.s;
3651 			else
3652 				*va_arg(args, unsigned short *) = val.u;
3653 			break;
3654 		case 'l':
3655 			if (is_sign)
3656 				*va_arg(args, long *) = val.s;
3657 			else
3658 				*va_arg(args, unsigned long *) = val.u;
3659 			break;
3660 		case 'L':
3661 			if (is_sign)
3662 				*va_arg(args, long long *) = val.s;
3663 			else
3664 				*va_arg(args, unsigned long long *) = val.u;
3665 			break;
3666 		case 'z':
3667 			*va_arg(args, size_t *) = val.u;
3668 			break;
3669 		default:
3670 			if (is_sign)
3671 				*va_arg(args, int *) = val.s;
3672 			else
3673 				*va_arg(args, unsigned int *) = val.u;
3674 			break;
3675 		}
3676 		num++;
3677 
3678 		if (!next)
3679 			break;
3680 		str = next;
3681 	}
3682 
3683 	return num;
3684 }
3685 EXPORT_SYMBOL(vsscanf);
3686 
3687 /**
3688  * sscanf - Unformat a buffer into a list of arguments
3689  * @buf:	input buffer
3690  * @fmt:	formatting of buffer
3691  * @...:	resulting arguments
3692  */
sscanf(const char * buf,const char * fmt,...)3693 int sscanf(const char *buf, const char *fmt, ...)
3694 {
3695 	va_list args;
3696 	int i;
3697 
3698 	va_start(args, fmt);
3699 	i = vsscanf(buf, fmt, args);
3700 	va_end(args);
3701 
3702 	return i;
3703 }
3704 EXPORT_SYMBOL(sscanf);
3705