1 /*
2  * This file is subject to the terms and conditions of the GNU General Public
3  * License.  See the file "COPYING" in the main directory of this archive
4  * for more details.
5  *
6  * Copyright (C) 1996, 1997, 1998, 1999, 2000, 03, 04 by Ralf Baechle
7  * Copyright (C) 1999, 2000 Silicon Graphics, Inc.
8  * Copyright (C) 2007  Maciej W. Rozycki
9  */
10 #ifndef _ASM_UACCESS_H
11 #define _ASM_UACCESS_H
12 
13 #include <linux/kernel.h>
14 #include <linux/errno.h>
15 #include <linux/thread_info.h>
16 
17 /*
18  * The fs value determines whether argument validity checking should be
19  * performed or not.  If get_fs() == USER_DS, checking is performed, with
20  * get_fs() == KERNEL_DS, checking is bypassed.
21  *
22  * For historical reasons, these macros are grossly misnamed.
23  */
24 #ifdef CONFIG_32BIT
25 
26 #define __UA_LIMIT	0x80000000UL
27 
28 #define __UA_ADDR	".word"
29 #define __UA_LA		"la"
30 #define __UA_ADDU	"addu"
31 #define __UA_t0		"$8"
32 #define __UA_t1		"$9"
33 
34 #endif /* CONFIG_32BIT */
35 
36 #ifdef CONFIG_64BIT
37 
38 extern u64 __ua_limit;
39 
40 #define __UA_LIMIT	__ua_limit
41 
42 #define __UA_ADDR	".dword"
43 #define __UA_LA		"dla"
44 #define __UA_ADDU	"daddu"
45 #define __UA_t0		"$12"
46 #define __UA_t1		"$13"
47 
48 #endif /* CONFIG_64BIT */
49 
50 /*
51  * USER_DS is a bitmask that has the bits set that may not be set in a valid
52  * userspace address.  Note that we limit 32-bit userspace to 0x7fff8000 but
53  * the arithmetic we're doing only works if the limit is a power of two, so
54  * we use 0x80000000 here on 32-bit kernels.  If a process passes an invalid
55  * address in this range it's the process's problem, not ours :-)
56  */
57 
58 #define KERNEL_DS	((mm_segment_t) { 0UL })
59 #define USER_DS		((mm_segment_t) { __UA_LIMIT })
60 
61 #define VERIFY_READ    0
62 #define VERIFY_WRITE   1
63 
64 #define get_ds()	(KERNEL_DS)
65 #define get_fs()	(current_thread_info()->addr_limit)
66 #define set_fs(x)	(current_thread_info()->addr_limit = (x))
67 
68 #define segment_eq(a, b)	((a).seg == (b).seg)
69 
70 
71 /*
72  * Is a address valid? This does a straighforward calculation rather
73  * than tests.
74  *
75  * Address valid if:
76  *  - "addr" doesn't have any high-bits set
77  *  - AND "size" doesn't have any high-bits set
78  *  - AND "addr+size" doesn't have any high-bits set
79  *  - OR we are in kernel mode.
80  *
81  * __ua_size() is a trick to avoid runtime checking of positive constant
82  * sizes; for those we already know at compile time that the size is ok.
83  */
84 #define __ua_size(size)							\
85 	((__builtin_constant_p(size) && (signed long) (size) > 0) ? 0 : (size))
86 
87 /*
88  * access_ok: - Checks if a user space pointer is valid
89  * @type: Type of access: %VERIFY_READ or %VERIFY_WRITE.  Note that
90  *        %VERIFY_WRITE is a superset of %VERIFY_READ - if it is safe
91  *        to write to a block, it is always safe to read from it.
92  * @addr: User space pointer to start of block to check
93  * @size: Size of block to check
94  *
95  * Context: User context only.  This function may sleep.
96  *
97  * Checks if a pointer to a block of memory in user space is valid.
98  *
99  * Returns true (nonzero) if the memory block may be valid, false (zero)
100  * if it is definitely invalid.
101  *
102  * Note that, depending on architecture, this function probably just
103  * checks that the pointer is in the user space range - after calling
104  * this function, memory access functions may still return -EFAULT.
105  */
106 
107 #define __access_mask get_fs().seg
108 
109 #define __access_ok(addr, size, mask)					\
110 ({									\
111 	unsigned long __addr = (unsigned long) (addr);			\
112 	unsigned long __size = size;					\
113 	unsigned long __mask = mask;					\
114 	unsigned long __ok;						\
115 									\
116 	__chk_user_ptr(addr);						\
117 	__ok = (signed long)(__mask & (__addr | (__addr + __size) |	\
118 		__ua_size(__size)));					\
119 	__ok == 0;							\
120 })
121 
122 #define access_ok(type, addr, size)					\
123 	likely(__access_ok((addr), (size), __access_mask))
124 
125 /*
126  * put_user: - Write a simple value into user space.
127  * @x:   Value to copy to user space.
128  * @ptr: Destination address, in user space.
129  *
130  * Context: User context only.  This function may sleep.
131  *
132  * This macro copies a single simple value from kernel space to user
133  * space.  It supports simple types like char and int, but not larger
134  * data types like structures or arrays.
135  *
136  * @ptr must have pointer-to-simple-variable type, and @x must be assignable
137  * to the result of dereferencing @ptr.
138  *
139  * Returns zero on success, or -EFAULT on error.
140  */
141 #define put_user(x,ptr)	\
142 	__put_user_check((x), (ptr), sizeof(*(ptr)))
143 
144 /*
145  * get_user: - Get a simple variable from user space.
146  * @x:   Variable to store result.
147  * @ptr: Source address, in user space.
148  *
149  * Context: User context only.  This function may sleep.
150  *
151  * This macro copies a single simple variable from user space to kernel
152  * space.  It supports simple types like char and int, but not larger
153  * data types like structures or arrays.
154  *
155  * @ptr must have pointer-to-simple-variable type, and the result of
156  * dereferencing @ptr must be assignable to @x without a cast.
157  *
158  * Returns zero on success, or -EFAULT on error.
159  * On error, the variable @x is set to zero.
160  */
161 #define get_user(x,ptr) \
162 	__get_user_check((x), (ptr), sizeof(*(ptr)))
163 
164 /*
165  * __put_user: - Write a simple value into user space, with less checking.
166  * @x:   Value to copy to user space.
167  * @ptr: Destination address, in user space.
168  *
169  * Context: User context only.  This function may sleep.
170  *
171  * This macro copies a single simple value from kernel space to user
172  * space.  It supports simple types like char and int, but not larger
173  * data types like structures or arrays.
174  *
175  * @ptr must have pointer-to-simple-variable type, and @x must be assignable
176  * to the result of dereferencing @ptr.
177  *
178  * Caller must check the pointer with access_ok() before calling this
179  * function.
180  *
181  * Returns zero on success, or -EFAULT on error.
182  */
183 #define __put_user(x,ptr) \
184 	__put_user_nocheck((x), (ptr), sizeof(*(ptr)))
185 
186 /*
187  * __get_user: - Get a simple variable from user space, with less checking.
188  * @x:   Variable to store result.
189  * @ptr: Source address, in user space.
190  *
191  * Context: User context only.  This function may sleep.
192  *
193  * This macro copies a single simple variable from user space to kernel
194  * space.  It supports simple types like char and int, but not larger
195  * data types like structures or arrays.
196  *
197  * @ptr must have pointer-to-simple-variable type, and the result of
198  * dereferencing @ptr must be assignable to @x without a cast.
199  *
200  * Caller must check the pointer with access_ok() before calling this
201  * function.
202  *
203  * Returns zero on success, or -EFAULT on error.
204  * On error, the variable @x is set to zero.
205  */
206 #define __get_user(x,ptr) \
207 	__get_user_nocheck((x), (ptr), sizeof(*(ptr)))
208 
209 struct __large_struct { unsigned long buf[100]; };
210 #define __m(x) (*(struct __large_struct __user *)(x))
211 
212 /*
213  * Yuck.  We need two variants, one for 64bit operation and one
214  * for 32 bit mode and old iron.
215  */
216 #ifdef CONFIG_32BIT
217 #define __GET_USER_DW(val, ptr) __get_user_asm_ll32(val, ptr)
218 #endif
219 #ifdef CONFIG_64BIT
220 #define __GET_USER_DW(val, ptr) __get_user_asm(val, "ld", ptr)
221 #endif
222 
223 extern void __get_user_unknown(void);
224 
225 #define __get_user_common(val, size, ptr)				\
226 do {									\
227 	switch (size) {							\
228 	case 1: __get_user_asm(val, "lb", ptr); break;			\
229 	case 2: __get_user_asm(val, "lh", ptr); break;			\
230 	case 4: __get_user_asm(val, "lw", ptr); break;			\
231 	case 8: __GET_USER_DW(val, ptr); break;				\
232 	default: __get_user_unknown(); break;				\
233 	}								\
234 } while (0)
235 
236 #define __get_user_nocheck(x, ptr, size)				\
237 ({									\
238 	int __gu_err;							\
239 									\
240 	__chk_user_ptr(ptr);						\
241 	__get_user_common((x), size, ptr);				\
242 	__gu_err;							\
243 })
244 
245 #define __get_user_check(x, ptr, size)					\
246 ({									\
247 	int __gu_err = -EFAULT;						\
248 	const __typeof__(*(ptr)) __user * __gu_ptr = (ptr);		\
249 									\
250 	might_fault();							\
251 	if (likely(access_ok(VERIFY_READ,  __gu_ptr, size)))		\
252 		__get_user_common((x), size, __gu_ptr);			\
253 									\
254 	__gu_err;							\
255 })
256 
257 #define __get_user_asm(val, insn, addr)					\
258 {									\
259 	long __gu_tmp;							\
260 									\
261 	__asm__ __volatile__(						\
262 	"1:	" insn "	%1, %3				\n"	\
263 	"2:							\n"	\
264 	"	.section .fixup,\"ax\"				\n"	\
265 	"3:	li	%0, %4					\n"	\
266 	"	j	2b					\n"	\
267 	"	.previous					\n"	\
268 	"	.section __ex_table,\"a\"			\n"	\
269 	"	"__UA_ADDR "\t1b, 3b				\n"	\
270 	"	.previous					\n"	\
271 	: "=r" (__gu_err), "=r" (__gu_tmp)				\
272 	: "0" (0), "o" (__m(addr)), "i" (-EFAULT));			\
273 									\
274 	(val) = (__typeof__(*(addr))) __gu_tmp;				\
275 }
276 
277 /*
278  * Get a long long 64 using 32 bit registers.
279  */
280 #define __get_user_asm_ll32(val, addr)					\
281 {									\
282 	union {								\
283 		unsigned long long	l;				\
284 		__typeof__(*(addr))	t;				\
285 	} __gu_tmp;							\
286 									\
287 	__asm__ __volatile__(						\
288 	"1:	lw	%1, (%3)				\n"	\
289 	"2:	lw	%D1, 4(%3)				\n"	\
290 	"3:	.section	.fixup,\"ax\"			\n"	\
291 	"4:	li	%0, %4					\n"	\
292 	"	move	%1, $0					\n"	\
293 	"	move	%D1, $0					\n"	\
294 	"	j	3b					\n"	\
295 	"	.previous					\n"	\
296 	"	.section	__ex_table,\"a\"		\n"	\
297 	"	" __UA_ADDR "	1b, 4b				\n"	\
298 	"	" __UA_ADDR "	2b, 4b				\n"	\
299 	"	.previous					\n"	\
300 	: "=r" (__gu_err), "=&r" (__gu_tmp.l)				\
301 	: "0" (0), "r" (addr), "i" (-EFAULT));				\
302 									\
303 	(val) = __gu_tmp.t;						\
304 }
305 
306 /*
307  * Yuck.  We need two variants, one for 64bit operation and one
308  * for 32 bit mode and old iron.
309  */
310 #ifdef CONFIG_32BIT
311 #define __PUT_USER_DW(ptr) __put_user_asm_ll32(ptr)
312 #endif
313 #ifdef CONFIG_64BIT
314 #define __PUT_USER_DW(ptr) __put_user_asm("sd", ptr)
315 #endif
316 
317 #define __put_user_nocheck(x, ptr, size)				\
318 ({									\
319 	__typeof__(*(ptr)) __pu_val;					\
320 	int __pu_err = 0;						\
321 									\
322 	__chk_user_ptr(ptr);						\
323 	__pu_val = (x);							\
324 	switch (size) {							\
325 	case 1: __put_user_asm("sb", ptr); break;			\
326 	case 2: __put_user_asm("sh", ptr); break;			\
327 	case 4: __put_user_asm("sw", ptr); break;			\
328 	case 8: __PUT_USER_DW(ptr); break;				\
329 	default: __put_user_unknown(); break;				\
330 	}								\
331 	__pu_err;							\
332 })
333 
334 #define __put_user_check(x, ptr, size)					\
335 ({									\
336 	__typeof__(*(ptr)) __user *__pu_addr = (ptr);			\
337 	__typeof__(*(ptr)) __pu_val = (x);				\
338 	int __pu_err = -EFAULT;						\
339 									\
340 	might_fault();							\
341 	if (likely(access_ok(VERIFY_WRITE,  __pu_addr, size))) {	\
342 		switch (size) {						\
343 		case 1: __put_user_asm("sb", __pu_addr); break;		\
344 		case 2: __put_user_asm("sh", __pu_addr); break;		\
345 		case 4: __put_user_asm("sw", __pu_addr); break;		\
346 		case 8: __PUT_USER_DW(__pu_addr); break;		\
347 		default: __put_user_unknown(); break;			\
348 		}							\
349 	}								\
350 	__pu_err;							\
351 })
352 
353 #define __put_user_asm(insn, ptr)					\
354 {									\
355 	__asm__ __volatile__(						\
356 	"1:	" insn "	%z2, %3		# __put_user_asm\n"	\
357 	"2:							\n"	\
358 	"	.section	.fixup,\"ax\"			\n"	\
359 	"3:	li	%0, %4					\n"	\
360 	"	j	2b					\n"	\
361 	"	.previous					\n"	\
362 	"	.section	__ex_table,\"a\"		\n"	\
363 	"	" __UA_ADDR "	1b, 3b				\n"	\
364 	"	.previous					\n"	\
365 	: "=r" (__pu_err)						\
366 	: "0" (0), "Jr" (__pu_val), "o" (__m(ptr)),			\
367 	  "i" (-EFAULT));						\
368 }
369 
370 #define __put_user_asm_ll32(ptr)					\
371 {									\
372 	__asm__ __volatile__(						\
373 	"1:	sw	%2, (%3)	# __put_user_asm_ll32	\n"	\
374 	"2:	sw	%D2, 4(%3)				\n"	\
375 	"3:							\n"	\
376 	"	.section	.fixup,\"ax\"			\n"	\
377 	"4:	li	%0, %4					\n"	\
378 	"	j	3b					\n"	\
379 	"	.previous					\n"	\
380 	"	.section	__ex_table,\"a\"		\n"	\
381 	"	" __UA_ADDR "	1b, 4b				\n"	\
382 	"	" __UA_ADDR "	2b, 4b				\n"	\
383 	"	.previous"						\
384 	: "=r" (__pu_err)						\
385 	: "0" (0), "r" (__pu_val), "r" (ptr),				\
386 	  "i" (-EFAULT));						\
387 }
388 
389 extern void __put_user_unknown(void);
390 
391 /*
392  * put_user_unaligned: - Write a simple value into user space.
393  * @x:   Value to copy to user space.
394  * @ptr: Destination address, in user space.
395  *
396  * Context: User context only.  This function may sleep.
397  *
398  * This macro copies a single simple value from kernel space to user
399  * space.  It supports simple types like char and int, but not larger
400  * data types like structures or arrays.
401  *
402  * @ptr must have pointer-to-simple-variable type, and @x must be assignable
403  * to the result of dereferencing @ptr.
404  *
405  * Returns zero on success, or -EFAULT on error.
406  */
407 #define put_user_unaligned(x,ptr)	\
408 	__put_user_unaligned_check((x),(ptr),sizeof(*(ptr)))
409 
410 /*
411  * get_user_unaligned: - Get a simple variable from user space.
412  * @x:   Variable to store result.
413  * @ptr: Source address, in user space.
414  *
415  * Context: User context only.  This function may sleep.
416  *
417  * This macro copies a single simple variable from user space to kernel
418  * space.  It supports simple types like char and int, but not larger
419  * data types like structures or arrays.
420  *
421  * @ptr must have pointer-to-simple-variable type, and the result of
422  * dereferencing @ptr must be assignable to @x without a cast.
423  *
424  * Returns zero on success, or -EFAULT on error.
425  * On error, the variable @x is set to zero.
426  */
427 #define get_user_unaligned(x,ptr) \
428 	__get_user_unaligned_check((x),(ptr),sizeof(*(ptr)))
429 
430 /*
431  * __put_user_unaligned: - Write a simple value into user space, with less checking.
432  * @x:   Value to copy to user space.
433  * @ptr: Destination address, in user space.
434  *
435  * Context: User context only.  This function may sleep.
436  *
437  * This macro copies a single simple value from kernel space to user
438  * space.  It supports simple types like char and int, but not larger
439  * data types like structures or arrays.
440  *
441  * @ptr must have pointer-to-simple-variable type, and @x must be assignable
442  * to the result of dereferencing @ptr.
443  *
444  * Caller must check the pointer with access_ok() before calling this
445  * function.
446  *
447  * Returns zero on success, or -EFAULT on error.
448  */
449 #define __put_user_unaligned(x,ptr) \
450 	__put_user_unaligned_nocheck((x),(ptr),sizeof(*(ptr)))
451 
452 /*
453  * __get_user_unaligned: - Get a simple variable from user space, with less checking.
454  * @x:   Variable to store result.
455  * @ptr: Source address, in user space.
456  *
457  * Context: User context only.  This function may sleep.
458  *
459  * This macro copies a single simple variable from user space to kernel
460  * space.  It supports simple types like char and int, but not larger
461  * data types like structures or arrays.
462  *
463  * @ptr must have pointer-to-simple-variable type, and the result of
464  * dereferencing @ptr must be assignable to @x without a cast.
465  *
466  * Caller must check the pointer with access_ok() before calling this
467  * function.
468  *
469  * Returns zero on success, or -EFAULT on error.
470  * On error, the variable @x is set to zero.
471  */
472 #define __get_user_unaligned(x,ptr) \
473 	__get_user__unalignednocheck((x),(ptr),sizeof(*(ptr)))
474 
475 /*
476  * Yuck.  We need two variants, one for 64bit operation and one
477  * for 32 bit mode and old iron.
478  */
479 #ifdef CONFIG_32BIT
480 #define __GET_USER_UNALIGNED_DW(val, ptr)				\
481 	__get_user_unaligned_asm_ll32(val, ptr)
482 #endif
483 #ifdef CONFIG_64BIT
484 #define __GET_USER_UNALIGNED_DW(val, ptr)				\
485 	__get_user_unaligned_asm(val, "uld", ptr)
486 #endif
487 
488 extern void __get_user_unaligned_unknown(void);
489 
490 #define __get_user_unaligned_common(val, size, ptr)			\
491 do {									\
492 	switch (size) {							\
493 	case 1: __get_user_asm(val, "lb", ptr); break;			\
494 	case 2: __get_user_unaligned_asm(val, "ulh", ptr); break;	\
495 	case 4: __get_user_unaligned_asm(val, "ulw", ptr); break;	\
496 	case 8: __GET_USER_UNALIGNED_DW(val, ptr); break;		\
497 	default: __get_user_unaligned_unknown(); break;			\
498 	}								\
499 } while (0)
500 
501 #define __get_user_unaligned_nocheck(x,ptr,size)			\
502 ({									\
503 	int __gu_err;							\
504 									\
505 	__get_user_unaligned_common((x), size, ptr);			\
506 	__gu_err;							\
507 })
508 
509 #define __get_user_unaligned_check(x,ptr,size)				\
510 ({									\
511 	int __gu_err = -EFAULT;						\
512 	const __typeof__(*(ptr)) __user * __gu_ptr = (ptr);		\
513 									\
514 	if (likely(access_ok(VERIFY_READ,  __gu_ptr, size)))		\
515 		__get_user_unaligned_common((x), size, __gu_ptr);	\
516 									\
517 	__gu_err;							\
518 })
519 
520 #define __get_user_unaligned_asm(val, insn, addr)			\
521 {									\
522 	long __gu_tmp;							\
523 									\
524 	__asm__ __volatile__(						\
525 	"1:	" insn "	%1, %3				\n"	\
526 	"2:							\n"	\
527 	"	.section .fixup,\"ax\"				\n"	\
528 	"3:	li	%0, %4					\n"	\
529 	"	j	2b					\n"	\
530 	"	.previous					\n"	\
531 	"	.section __ex_table,\"a\"			\n"	\
532 	"	"__UA_ADDR "\t1b, 3b				\n"	\
533 	"	"__UA_ADDR "\t1b + 4, 3b			\n"	\
534 	"	.previous					\n"	\
535 	: "=r" (__gu_err), "=r" (__gu_tmp)				\
536 	: "0" (0), "o" (__m(addr)), "i" (-EFAULT));			\
537 									\
538 	(val) = (__typeof__(*(addr))) __gu_tmp;				\
539 }
540 
541 /*
542  * Get a long long 64 using 32 bit registers.
543  */
544 #define __get_user_unaligned_asm_ll32(val, addr)			\
545 {									\
546         unsigned long long __gu_tmp;					\
547 									\
548 	__asm__ __volatile__(						\
549 	"1:	ulw	%1, (%3)				\n"	\
550 	"2:	ulw	%D1, 4(%3)				\n"	\
551 	"	move	%0, $0					\n"	\
552 	"3:	.section	.fixup,\"ax\"			\n"	\
553 	"4:	li	%0, %4					\n"	\
554 	"	move	%1, $0					\n"	\
555 	"	move	%D1, $0					\n"	\
556 	"	j	3b					\n"	\
557 	"	.previous					\n"	\
558 	"	.section	__ex_table,\"a\"		\n"	\
559 	"	" __UA_ADDR "	1b, 4b				\n"	\
560 	"	" __UA_ADDR "	1b + 4, 4b			\n"	\
561 	"	" __UA_ADDR "	2b, 4b				\n"	\
562 	"	" __UA_ADDR "	2b + 4, 4b			\n"	\
563 	"	.previous					\n"	\
564 	: "=r" (__gu_err), "=&r" (__gu_tmp)				\
565 	: "0" (0), "r" (addr), "i" (-EFAULT));				\
566 	(val) = (__typeof__(*(addr))) __gu_tmp;				\
567 }
568 
569 /*
570  * Yuck.  We need two variants, one for 64bit operation and one
571  * for 32 bit mode and old iron.
572  */
573 #ifdef CONFIG_32BIT
574 #define __PUT_USER_UNALIGNED_DW(ptr) __put_user_unaligned_asm_ll32(ptr)
575 #endif
576 #ifdef CONFIG_64BIT
577 #define __PUT_USER_UNALIGNED_DW(ptr) __put_user_unaligned_asm("usd", ptr)
578 #endif
579 
580 #define __put_user_unaligned_nocheck(x,ptr,size)			\
581 ({									\
582 	__typeof__(*(ptr)) __pu_val;					\
583 	int __pu_err = 0;						\
584 									\
585 	__pu_val = (x);							\
586 	switch (size) {							\
587 	case 1: __put_user_asm("sb", ptr); break;			\
588 	case 2: __put_user_unaligned_asm("ush", ptr); break;		\
589 	case 4: __put_user_unaligned_asm("usw", ptr); break;		\
590 	case 8: __PUT_USER_UNALIGNED_DW(ptr); break;			\
591 	default: __put_user_unaligned_unknown(); break;			\
592 	}								\
593 	__pu_err;							\
594 })
595 
596 #define __put_user_unaligned_check(x,ptr,size)				\
597 ({									\
598 	__typeof__(*(ptr)) __user *__pu_addr = (ptr);			\
599 	__typeof__(*(ptr)) __pu_val = (x);				\
600 	int __pu_err = -EFAULT;						\
601 									\
602 	if (likely(access_ok(VERIFY_WRITE,  __pu_addr, size))) {	\
603 		switch (size) {						\
604 		case 1: __put_user_asm("sb", __pu_addr); break;		\
605 		case 2: __put_user_unaligned_asm("ush", __pu_addr); break; \
606 		case 4: __put_user_unaligned_asm("usw", __pu_addr); break; \
607 		case 8: __PUT_USER_UNALGINED_DW(__pu_addr); break;	\
608 		default: __put_user_unaligned_unknown(); break;		\
609 		}							\
610 	}								\
611 	__pu_err;							\
612 })
613 
614 #define __put_user_unaligned_asm(insn, ptr)				\
615 {									\
616 	__asm__ __volatile__(						\
617 	"1:	" insn "	%z2, %3		# __put_user_unaligned_asm\n" \
618 	"2:							\n"	\
619 	"	.section	.fixup,\"ax\"			\n"	\
620 	"3:	li	%0, %4					\n"	\
621 	"	j	2b					\n"	\
622 	"	.previous					\n"	\
623 	"	.section	__ex_table,\"a\"		\n"	\
624 	"	" __UA_ADDR "	1b, 3b				\n"	\
625 	"	.previous					\n"	\
626 	: "=r" (__pu_err)						\
627 	: "0" (0), "Jr" (__pu_val), "o" (__m(ptr)),			\
628 	  "i" (-EFAULT));						\
629 }
630 
631 #define __put_user_unaligned_asm_ll32(ptr)				\
632 {									\
633 	__asm__ __volatile__(						\
634 	"1:	sw	%2, (%3)	# __put_user_unaligned_asm_ll32	\n" \
635 	"2:	sw	%D2, 4(%3)				\n"	\
636 	"3:							\n"	\
637 	"	.section	.fixup,\"ax\"			\n"	\
638 	"4:	li	%0, %4					\n"	\
639 	"	j	3b					\n"	\
640 	"	.previous					\n"	\
641 	"	.section	__ex_table,\"a\"		\n"	\
642 	"	" __UA_ADDR "	1b, 4b				\n"	\
643 	"	" __UA_ADDR "	1b + 4, 4b			\n"	\
644 	"	" __UA_ADDR "	2b, 4b				\n"	\
645 	"	" __UA_ADDR "	2b + 4, 4b			\n"	\
646 	"	.previous"						\
647 	: "=r" (__pu_err)						\
648 	: "0" (0), "r" (__pu_val), "r" (ptr),				\
649 	  "i" (-EFAULT));						\
650 }
651 
652 extern void __put_user_unaligned_unknown(void);
653 
654 /*
655  * We're generating jump to subroutines which will be outside the range of
656  * jump instructions
657  */
658 #ifdef MODULE
659 #define __MODULE_JAL(destination)					\
660 	".set\tnoat\n\t"						\
661 	__UA_LA "\t$1, " #destination "\n\t" 				\
662 	"jalr\t$1\n\t"							\
663 	".set\tat\n\t"
664 #else
665 #define __MODULE_JAL(destination)					\
666 	"jal\t" #destination "\n\t"
667 #endif
668 
669 #ifndef CONFIG_CPU_DADDI_WORKAROUNDS
670 #define DADDI_SCRATCH "$0"
671 #else
672 #define DADDI_SCRATCH "$3"
673 #endif
674 
675 extern size_t __copy_user(void *__to, const void *__from, size_t __n);
676 
677 #define __invoke_copy_to_user(to, from, n)				\
678 ({									\
679 	register void __user *__cu_to_r __asm__("$4");			\
680 	register const void *__cu_from_r __asm__("$5");			\
681 	register long __cu_len_r __asm__("$6");				\
682 									\
683 	__cu_to_r = (to);						\
684 	__cu_from_r = (from);						\
685 	__cu_len_r = (n);						\
686 	__asm__ __volatile__(						\
687 	__MODULE_JAL(__copy_user)					\
688 	: "+r" (__cu_to_r), "+r" (__cu_from_r), "+r" (__cu_len_r)	\
689 	:								\
690 	: "$8", "$9", "$10", "$11", "$12", "$15", "$24", "$31",		\
691 	  DADDI_SCRATCH, "memory");					\
692 	__cu_len_r;							\
693 })
694 
695 /*
696  * __copy_to_user: - Copy a block of data into user space, with less checking.
697  * @to:   Destination address, in user space.
698  * @from: Source address, in kernel space.
699  * @n:    Number of bytes to copy.
700  *
701  * Context: User context only.  This function may sleep.
702  *
703  * Copy data from kernel space to user space.  Caller must check
704  * the specified block with access_ok() before calling this function.
705  *
706  * Returns number of bytes that could not be copied.
707  * On success, this will be zero.
708  */
709 #define __copy_to_user(to, from, n)					\
710 ({									\
711 	void __user *__cu_to;						\
712 	const void *__cu_from;						\
713 	long __cu_len;							\
714 									\
715 	__cu_to = (to);							\
716 	__cu_from = (from);						\
717 	__cu_len = (n);							\
718 	might_fault();							\
719 	__cu_len = __invoke_copy_to_user(__cu_to, __cu_from, __cu_len);	\
720 	__cu_len;							\
721 })
722 
723 extern size_t __copy_user_inatomic(void *__to, const void *__from, size_t __n);
724 
725 #define __copy_to_user_inatomic(to, from, n)				\
726 ({									\
727 	void __user *__cu_to;						\
728 	const void *__cu_from;						\
729 	long __cu_len;							\
730 									\
731 	__cu_to = (to);							\
732 	__cu_from = (from);						\
733 	__cu_len = (n);							\
734 	__cu_len = __invoke_copy_to_user(__cu_to, __cu_from, __cu_len);	\
735 	__cu_len;							\
736 })
737 
738 #define __copy_from_user_inatomic(to, from, n)				\
739 ({									\
740 	void *__cu_to;							\
741 	const void __user *__cu_from;					\
742 	long __cu_len;							\
743 									\
744 	__cu_to = (to);							\
745 	__cu_from = (from);						\
746 	__cu_len = (n);							\
747 	__cu_len = __invoke_copy_from_user_inatomic(__cu_to, __cu_from,	\
748 	                                            __cu_len);		\
749 	__cu_len;							\
750 })
751 
752 /*
753  * copy_to_user: - Copy a block of data into user space.
754  * @to:   Destination address, in user space.
755  * @from: Source address, in kernel space.
756  * @n:    Number of bytes to copy.
757  *
758  * Context: User context only.  This function may sleep.
759  *
760  * Copy data from kernel space to user space.
761  *
762  * Returns number of bytes that could not be copied.
763  * On success, this will be zero.
764  */
765 #define copy_to_user(to, from, n)					\
766 ({									\
767 	void __user *__cu_to;						\
768 	const void *__cu_from;						\
769 	long __cu_len;							\
770 									\
771 	__cu_to = (to);							\
772 	__cu_from = (from);						\
773 	__cu_len = (n);							\
774 	if (access_ok(VERIFY_WRITE, __cu_to, __cu_len)) {		\
775 		might_fault();						\
776 		__cu_len = __invoke_copy_to_user(__cu_to, __cu_from,	\
777 		                                 __cu_len);		\
778 	}								\
779 	__cu_len;							\
780 })
781 
782 #define __invoke_copy_from_user(to, from, n)				\
783 ({									\
784 	register void *__cu_to_r __asm__("$4");				\
785 	register const void __user *__cu_from_r __asm__("$5");		\
786 	register long __cu_len_r __asm__("$6");				\
787 									\
788 	__cu_to_r = (to);						\
789 	__cu_from_r = (from);						\
790 	__cu_len_r = (n);						\
791 	__asm__ __volatile__(						\
792 	".set\tnoreorder\n\t"						\
793 	__MODULE_JAL(__copy_user)					\
794 	".set\tnoat\n\t"						\
795 	__UA_ADDU "\t$1, %1, %2\n\t"					\
796 	".set\tat\n\t"							\
797 	".set\treorder"							\
798 	: "+r" (__cu_to_r), "+r" (__cu_from_r), "+r" (__cu_len_r)	\
799 	:								\
800 	: "$8", "$9", "$10", "$11", "$12", "$15", "$24", "$31",		\
801 	  DADDI_SCRATCH, "memory");					\
802 	__cu_len_r;							\
803 })
804 
805 #define __invoke_copy_from_user_inatomic(to, from, n)			\
806 ({									\
807 	register void *__cu_to_r __asm__("$4");				\
808 	register const void __user *__cu_from_r __asm__("$5");		\
809 	register long __cu_len_r __asm__("$6");				\
810 									\
811 	__cu_to_r = (to);						\
812 	__cu_from_r = (from);						\
813 	__cu_len_r = (n);						\
814 	__asm__ __volatile__(						\
815 	".set\tnoreorder\n\t"						\
816 	__MODULE_JAL(__copy_user_inatomic)				\
817 	".set\tnoat\n\t"						\
818 	__UA_ADDU "\t$1, %1, %2\n\t"					\
819 	".set\tat\n\t"							\
820 	".set\treorder"							\
821 	: "+r" (__cu_to_r), "+r" (__cu_from_r), "+r" (__cu_len_r)	\
822 	:								\
823 	: "$8", "$9", "$10", "$11", "$12", "$15", "$24", "$31",		\
824 	  DADDI_SCRATCH, "memory");					\
825 	__cu_len_r;							\
826 })
827 
828 /*
829  * __copy_from_user: - Copy a block of data from user space, with less checking.
830  * @to:   Destination address, in kernel space.
831  * @from: Source address, in user space.
832  * @n:    Number of bytes to copy.
833  *
834  * Context: User context only.  This function may sleep.
835  *
836  * Copy data from user space to kernel space.  Caller must check
837  * the specified block with access_ok() before calling this function.
838  *
839  * Returns number of bytes that could not be copied.
840  * On success, this will be zero.
841  *
842  * If some data could not be copied, this function will pad the copied
843  * data to the requested size using zero bytes.
844  */
845 #define __copy_from_user(to, from, n)					\
846 ({									\
847 	void *__cu_to;							\
848 	const void __user *__cu_from;					\
849 	long __cu_len;							\
850 									\
851 	__cu_to = (to);							\
852 	__cu_from = (from);						\
853 	__cu_len = (n);							\
854 	might_fault();							\
855 	__cu_len = __invoke_copy_from_user(__cu_to, __cu_from,		\
856 	                                   __cu_len);			\
857 	__cu_len;							\
858 })
859 
860 /*
861  * copy_from_user: - Copy a block of data from user space.
862  * @to:   Destination address, in kernel space.
863  * @from: Source address, in user space.
864  * @n:    Number of bytes to copy.
865  *
866  * Context: User context only.  This function may sleep.
867  *
868  * Copy data from user space to kernel space.
869  *
870  * Returns number of bytes that could not be copied.
871  * On success, this will be zero.
872  *
873  * If some data could not be copied, this function will pad the copied
874  * data to the requested size using zero bytes.
875  */
876 #define copy_from_user(to, from, n)					\
877 ({									\
878 	void *__cu_to;							\
879 	const void __user *__cu_from;					\
880 	long __cu_len;							\
881 									\
882 	__cu_to = (to);							\
883 	__cu_from = (from);						\
884 	__cu_len = (n);							\
885 	if (access_ok(VERIFY_READ, __cu_from, __cu_len)) {		\
886 		might_fault();						\
887 		__cu_len = __invoke_copy_from_user(__cu_to, __cu_from,	\
888 		                                   __cu_len);		\
889 	}								\
890 	__cu_len;							\
891 })
892 
893 #define __copy_in_user(to, from, n)					\
894 ({									\
895 	void __user *__cu_to;						\
896 	const void __user *__cu_from;					\
897 	long __cu_len;							\
898 									\
899 	__cu_to = (to);							\
900 	__cu_from = (from);						\
901 	__cu_len = (n);							\
902 	might_fault();							\
903 	__cu_len = __invoke_copy_from_user(__cu_to, __cu_from,		\
904 	                                   __cu_len);			\
905 	__cu_len;							\
906 })
907 
908 #define copy_in_user(to, from, n)					\
909 ({									\
910 	void __user *__cu_to;						\
911 	const void __user *__cu_from;					\
912 	long __cu_len;							\
913 									\
914 	__cu_to = (to);							\
915 	__cu_from = (from);						\
916 	__cu_len = (n);							\
917 	if (likely(access_ok(VERIFY_READ, __cu_from, __cu_len) &&	\
918 	           access_ok(VERIFY_WRITE, __cu_to, __cu_len))) {	\
919 		might_fault();						\
920 		__cu_len = __invoke_copy_from_user(__cu_to, __cu_from,	\
921 		                                   __cu_len);		\
922 	}								\
923 	__cu_len;							\
924 })
925 
926 /*
927  * __clear_user: - Zero a block of memory in user space, with less checking.
928  * @to:   Destination address, in user space.
929  * @n:    Number of bytes to zero.
930  *
931  * Zero a block of memory in user space.  Caller must check
932  * the specified block with access_ok() before calling this function.
933  *
934  * Returns number of bytes that could not be cleared.
935  * On success, this will be zero.
936  */
937 static inline __kernel_size_t
__clear_user(void __user * addr,__kernel_size_t size)938 __clear_user(void __user *addr, __kernel_size_t size)
939 {
940 	__kernel_size_t res;
941 
942 	might_fault();
943 	__asm__ __volatile__(
944 		"move\t$4, %1\n\t"
945 		"move\t$5, $0\n\t"
946 		"move\t$6, %2\n\t"
947 		__MODULE_JAL(__bzero)
948 		"move\t%0, $6"
949 		: "=r" (res)
950 		: "r" (addr), "r" (size)
951 		: "$4", "$5", "$6", __UA_t0, __UA_t1, "$31");
952 
953 	return res;
954 }
955 
956 #define clear_user(addr,n)						\
957 ({									\
958 	void __user * __cl_addr = (addr);				\
959 	unsigned long __cl_size = (n);					\
960 	if (__cl_size && access_ok(VERIFY_WRITE,			\
961 					__cl_addr, __cl_size))		\
962 		__cl_size = __clear_user(__cl_addr, __cl_size);		\
963 	__cl_size;							\
964 })
965 
966 /*
967  * __strncpy_from_user: - Copy a NUL terminated string from userspace, with less checking.
968  * @dst:   Destination address, in kernel space.  This buffer must be at
969  *         least @count bytes long.
970  * @src:   Source address, in user space.
971  * @count: Maximum number of bytes to copy, including the trailing NUL.
972  *
973  * Copies a NUL-terminated string from userspace to kernel space.
974  * Caller must check the specified block with access_ok() before calling
975  * this function.
976  *
977  * On success, returns the length of the string (not including the trailing
978  * NUL).
979  *
980  * If access to userspace fails, returns -EFAULT (some data may have been
981  * copied).
982  *
983  * If @count is smaller than the length of the string, copies @count bytes
984  * and returns @count.
985  */
986 static inline long
__strncpy_from_user(char * __to,const char __user * __from,long __len)987 __strncpy_from_user(char *__to, const char __user *__from, long __len)
988 {
989 	long res;
990 
991 	might_fault();
992 	__asm__ __volatile__(
993 		"move\t$4, %1\n\t"
994 		"move\t$5, %2\n\t"
995 		"move\t$6, %3\n\t"
996 		__MODULE_JAL(__strncpy_from_user_nocheck_asm)
997 		"move\t%0, $2"
998 		: "=r" (res)
999 		: "r" (__to), "r" (__from), "r" (__len)
1000 		: "$2", "$3", "$4", "$5", "$6", __UA_t0, "$31", "memory");
1001 
1002 	return res;
1003 }
1004 
1005 /*
1006  * strncpy_from_user: - Copy a NUL terminated string from userspace.
1007  * @dst:   Destination address, in kernel space.  This buffer must be at
1008  *         least @count bytes long.
1009  * @src:   Source address, in user space.
1010  * @count: Maximum number of bytes to copy, including the trailing NUL.
1011  *
1012  * Copies a NUL-terminated string from userspace to kernel space.
1013  *
1014  * On success, returns the length of the string (not including the trailing
1015  * NUL).
1016  *
1017  * If access to userspace fails, returns -EFAULT (some data may have been
1018  * copied).
1019  *
1020  * If @count is smaller than the length of the string, copies @count bytes
1021  * and returns @count.
1022  */
1023 static inline long
strncpy_from_user(char * __to,const char __user * __from,long __len)1024 strncpy_from_user(char *__to, const char __user *__from, long __len)
1025 {
1026 	long res;
1027 
1028 	might_fault();
1029 	__asm__ __volatile__(
1030 		"move\t$4, %1\n\t"
1031 		"move\t$5, %2\n\t"
1032 		"move\t$6, %3\n\t"
1033 		__MODULE_JAL(__strncpy_from_user_asm)
1034 		"move\t%0, $2"
1035 		: "=r" (res)
1036 		: "r" (__to), "r" (__from), "r" (__len)
1037 		: "$2", "$3", "$4", "$5", "$6", __UA_t0, "$31", "memory");
1038 
1039 	return res;
1040 }
1041 
1042 /* Returns: 0 if bad, string length+1 (memory size) of string if ok */
__strlen_user(const char __user * s)1043 static inline long __strlen_user(const char __user *s)
1044 {
1045 	long res;
1046 
1047 	might_fault();
1048 	__asm__ __volatile__(
1049 		"move\t$4, %1\n\t"
1050 		__MODULE_JAL(__strlen_user_nocheck_asm)
1051 		"move\t%0, $2"
1052 		: "=r" (res)
1053 		: "r" (s)
1054 		: "$2", "$4", __UA_t0, "$31");
1055 
1056 	return res;
1057 }
1058 
1059 /*
1060  * strlen_user: - Get the size of a string in user space.
1061  * @str: The string to measure.
1062  *
1063  * Context: User context only.  This function may sleep.
1064  *
1065  * Get the size of a NUL-terminated string in user space.
1066  *
1067  * Returns the size of the string INCLUDING the terminating NUL.
1068  * On exception, returns 0.
1069  *
1070  * If there is a limit on the length of a valid string, you may wish to
1071  * consider using strnlen_user() instead.
1072  */
strlen_user(const char __user * s)1073 static inline long strlen_user(const char __user *s)
1074 {
1075 	long res;
1076 
1077 	might_fault();
1078 	__asm__ __volatile__(
1079 		"move\t$4, %1\n\t"
1080 		__MODULE_JAL(__strlen_user_asm)
1081 		"move\t%0, $2"
1082 		: "=r" (res)
1083 		: "r" (s)
1084 		: "$2", "$4", __UA_t0, "$31");
1085 
1086 	return res;
1087 }
1088 
1089 /* Returns: 0 if bad, string length+1 (memory size) of string if ok */
__strnlen_user(const char __user * s,long n)1090 static inline long __strnlen_user(const char __user *s, long n)
1091 {
1092 	long res;
1093 
1094 	might_fault();
1095 	__asm__ __volatile__(
1096 		"move\t$4, %1\n\t"
1097 		"move\t$5, %2\n\t"
1098 		__MODULE_JAL(__strnlen_user_nocheck_asm)
1099 		"move\t%0, $2"
1100 		: "=r" (res)
1101 		: "r" (s), "r" (n)
1102 		: "$2", "$4", "$5", __UA_t0, "$31");
1103 
1104 	return res;
1105 }
1106 
1107 /*
1108  * strlen_user: - Get the size of a string in user space.
1109  * @str: The string to measure.
1110  *
1111  * Context: User context only.  This function may sleep.
1112  *
1113  * Get the size of a NUL-terminated string in user space.
1114  *
1115  * Returns the size of the string INCLUDING the terminating NUL.
1116  * On exception, returns 0.
1117  *
1118  * If there is a limit on the length of a valid string, you may wish to
1119  * consider using strnlen_user() instead.
1120  */
strnlen_user(const char __user * s,long n)1121 static inline long strnlen_user(const char __user *s, long n)
1122 {
1123 	long res;
1124 
1125 	might_fault();
1126 	__asm__ __volatile__(
1127 		"move\t$4, %1\n\t"
1128 		"move\t$5, %2\n\t"
1129 		__MODULE_JAL(__strnlen_user_asm)
1130 		"move\t%0, $2"
1131 		: "=r" (res)
1132 		: "r" (s), "r" (n)
1133 		: "$2", "$4", "$5", __UA_t0, "$31");
1134 
1135 	return res;
1136 }
1137 
1138 struct exception_table_entry
1139 {
1140 	unsigned long insn;
1141 	unsigned long nextinsn;
1142 };
1143 
1144 extern int fixup_exception(struct pt_regs *regs);
1145 
1146 #endif /* _ASM_UACCESS_H */
1147