1 #ifndef _PPC64_UACCESS_H
2 #define _PPC64_UACCESS_H
3
4 /*
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
9 */
10
11 #ifndef __ASSEMBLY__
12 #include <linux/sched.h>
13 #include <linux/errno.h>
14 #include <asm/pgtable.h>
15 #include <asm/processor.h>
16
17 #define VERIFY_READ 0
18 #define VERIFY_WRITE 1
19
20 /*
21 * The fs value determines whether argument validity checking should be
22 * performed or not. If get_fs() == USER_DS, checking is performed, with
23 * get_fs() == KERNEL_DS, checking is bypassed.
24 *
25 * For historical reasons, these macros are grossly misnamed.
26 */
27
28 #define KERNEL_DS ((mm_segment_t) { 0 })
29 #define USER_DS ((mm_segment_t) { 1 })
30
31 #define get_ds() (KERNEL_DS)
32 #define get_fs() (current->thread.fs)
33 #define set_fs(val) (current->thread.fs = (val))
34
35 #define segment_eq(a,b) ((a).seg == (b).seg)
36
37 #define __kernel_ok (segment_eq(get_fs(), KERNEL_DS))
38 #define __user_ok(addr,size) (((size) <= TASK_SIZE)&&((addr) <= TASK_SIZE-(size)))
39 #define __access_ok(addr,size) (__kernel_ok || __user_ok((addr),(size)))
40 #define access_ok(type,addr,size) __access_ok((unsigned long)(addr),(size))
41
verify_area(int type,const void * addr,unsigned long size)42 static inline int verify_area(int type, const void * addr, unsigned long size)
43 {
44 return access_ok(type,addr,size) ? 0 : -EFAULT;
45 }
46
47
48 /*
49 * The exception table consists of pairs of addresses: the first is the
50 * address of an instruction that is allowed to fault, and the second is
51 * the address at which the program should continue. No registers are
52 * modified, so it is entirely up to the continuation code to figure out
53 * what to do.
54 *
55 * All the routines below use bits of fixup code that are out of line
56 * with the main instruction path. This means when everything is well,
57 * we don't even have to jump over them. Further, they do not intrude
58 * on our cache or tlb entries.
59 */
60
61 struct exception_table_entry
62 {
63 unsigned long insn, fixup;
64 };
65
66 /* Returns 0 if exception not found and fixup otherwise. */
67 extern unsigned long search_exception_table(unsigned long);
68 extern void sort_exception_table(void);
69
70 /*
71 * These are the main single-value transfer routines. They automatically
72 * use the right size if we just have the right pointer type.
73 *
74 * This gets kind of ugly. We want to return _two_ values in "get_user()"
75 * and yet we don't want to do any pointers, because that is too much
76 * of a performance impact. Thus we have a few rather ugly macros here,
77 * and hide all the uglyness from the user.
78 *
79 * The "__xxx" versions of the user access functions are versions that
80 * do not verify the address space, that must have been done previously
81 * with a separate "access_ok()" call (this is used when we do multiple
82 * accesses to the same area of user memory).
83 *
84 * As we use the same address space for kernel and user data on the
85 * PowerPC, we can just do these as direct assignments. (Of course, the
86 * exception handling means that it's no longer "just"...)
87 */
88 #define get_user(x,ptr) \
89 __get_user_check((x),(ptr),sizeof(*(ptr)))
90 #define put_user(x,ptr) \
91 __put_user_check((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr)))
92
93 #define __get_user(x,ptr) \
94 __get_user_nocheck((x),(ptr),sizeof(*(ptr)))
95 #define __put_user(x,ptr) \
96 __put_user_nocheck((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr)))
97
98 extern long __put_user_bad(void);
99
100 #define __put_user_nocheck(x,ptr,size) \
101 ({ \
102 long __pu_err; \
103 __put_user_size((x),(ptr),(size),__pu_err); \
104 __pu_err; \
105 })
106
107 #define __put_user_check(x,ptr,size) \
108 ({ \
109 long __pu_err = -EFAULT; \
110 __typeof__(*(ptr)) *__pu_addr = (ptr); \
111 if (access_ok(VERIFY_WRITE,__pu_addr,size)) \
112 __put_user_size((x),__pu_addr,(size),__pu_err); \
113 __pu_err; \
114 })
115
116 #define __put_user_size(x,ptr,size,retval) \
117 do { \
118 retval = 0; \
119 switch (size) { \
120 case 1: __put_user_asm(x,ptr,retval,"stb"); break; \
121 case 2: __put_user_asm(x,ptr,retval,"sth"); break; \
122 case 4: __put_user_asm(x,ptr,retval,"stw"); break; \
123 case 8: __put_user_asm(x,ptr,retval,"std"); break; \
124 default: __put_user_bad(); \
125 } \
126 } while (0)
127
128 /*
129 * We don't tell gcc that we are accessing memory, but this is OK
130 * because we do not write to any memory gcc knows about, so there
131 * are no aliasing issues.
132 */
133 #define __put_user_asm(x, addr, err, op) \
134 __asm__ __volatile__( \
135 "1: "op" %1,0(%2)\n" \
136 "2:\n" \
137 ".section .fixup,\"ax\"\n" \
138 "3: li %0,%3\n" \
139 " b 2b\n" \
140 ".previous\n" \
141 ".section __ex_table,\"a\"\n" \
142 " .align 3\n" \
143 " .llong 1b,3b\n" \
144 ".previous" \
145 : "=r"(err) \
146 : "r"(x), "b"(addr), "i"(-EFAULT), "0"(err))
147
148
149 #define __get_user_nocheck(x,ptr,size) \
150 ({ \
151 long __gu_err, __gu_val; \
152 __get_user_size(__gu_val,(ptr),(size),__gu_err); \
153 (x) = (__typeof__(*(ptr)))__gu_val; \
154 __gu_err; \
155 })
156
157 #define __get_user_check(x,ptr,size) \
158 ({ \
159 long __gu_err = -EFAULT, __gu_val = 0; \
160 const __typeof__(*(ptr)) *__gu_addr = (ptr); \
161 if (access_ok(VERIFY_READ,__gu_addr,size)) \
162 __get_user_size(__gu_val,__gu_addr,(size),__gu_err); \
163 (x) = (__typeof__(*(ptr)))__gu_val; \
164 __gu_err; \
165 })
166
167 extern long __get_user_bad(void);
168
169 #define __get_user_size(x,ptr,size,retval) \
170 do { \
171 retval = 0; \
172 switch (size) { \
173 case 1: __get_user_asm(x,ptr,retval,"lbz"); break; \
174 case 2: __get_user_asm(x,ptr,retval,"lhz"); break; \
175 case 4: __get_user_asm(x,ptr,retval,"lwz"); break; \
176 case 8: __get_user_asm(x,ptr,retval,"ld"); break; \
177 default: (x) = __get_user_bad(); \
178 } \
179 } while (0)
180
181 #define __get_user_asm(x, addr, err, op) \
182 __asm__ __volatile__( \
183 "1: "op" %1,0(%2)\n" \
184 "2:\n" \
185 ".section .fixup,\"ax\"\n" \
186 "3: li %0,%3\n" \
187 " li %1,0\n" \
188 " b 2b\n" \
189 ".previous\n" \
190 ".section __ex_table,\"a\"\n" \
191 " .align 3\n" \
192 " .llong 1b,3b\n" \
193 ".previous" \
194 : "=r"(err), "=r"(x) \
195 : "b"(addr), "i"(-EFAULT), "0"(err))
196
197 /* more complex routines */
198
199 extern unsigned long __copy_tofrom_user(void *to, const void *from, unsigned long size);
200
201 static inline unsigned long
copy_from_user(void * to,const void * from,unsigned long n)202 copy_from_user(void *to, const void *from, unsigned long n)
203 {
204 unsigned long over;
205
206 if (access_ok(VERIFY_READ, from, n))
207 return __copy_tofrom_user(to, from, n);
208 if ((unsigned long)from < TASK_SIZE) {
209 over = (unsigned long)from + n - TASK_SIZE;
210 return __copy_tofrom_user(to, from, n - over) + over;
211 }
212 return n;
213 }
214
215 static inline unsigned long
copy_to_user(void * to,const void * from,unsigned long n)216 copy_to_user(void *to, const void *from, unsigned long n)
217 {
218 unsigned long over;
219
220 if (access_ok(VERIFY_WRITE, to, n))
221 return __copy_tofrom_user(to, from, n);
222 if ((unsigned long)to < TASK_SIZE) {
223 over = (unsigned long)to + n - TASK_SIZE;
224 return __copy_tofrom_user(to, from, n - over) + over;
225 }
226 return n;
227 }
228
229 #define __copy_from_user(to, from, size) \
230 __copy_tofrom_user((to), (from), (size))
231 #define __copy_to_user(to, from, size) \
232 __copy_tofrom_user((to), (from), (size))
233
234 extern unsigned long __clear_user(void *addr, unsigned long size);
235
236 static inline unsigned long
clear_user(void * addr,unsigned long size)237 clear_user(void *addr, unsigned long size)
238 {
239 if (access_ok(VERIFY_WRITE, addr, size))
240 return __clear_user(addr, size);
241 if ((unsigned long)addr < TASK_SIZE) {
242 unsigned long over = (unsigned long)addr + size - TASK_SIZE;
243 return __clear_user(addr, size - over) + over;
244 }
245 return size;
246 }
247
248 extern int __strncpy_from_user(char *dst, const char *src, long count);
249
250 static inline long
strncpy_from_user(char * dst,const char * src,long count)251 strncpy_from_user(char *dst, const char *src, long count)
252 {
253 if (access_ok(VERIFY_READ, src, 1))
254 return __strncpy_from_user(dst, src, count);
255 return -EFAULT;
256 }
257
258 /*
259 * Return the size of a string (including the ending 0)
260 *
261 * Return 0 for error
262 */
263
264 extern int __strnlen_user(const char *str, long len, unsigned long top);
265
266 /*
267 * Returns the length of the string at str (including the null byte),
268 * or 0 if we hit a page we can't access,
269 * or something > len if we didn't find a null byte.
270 *
271 * The `top' parameter to __strnlen_user is to make sure that
272 * we can never overflow from the user area into kernel space.
273 */
strnlen_user(const char * str,long len)274 static inline int strnlen_user(const char *str, long len)
275 {
276 unsigned long top = __kernel_ok? ~0UL: TASK_SIZE - 1;
277
278 if ((unsigned long)str > top)
279 return 0;
280 return __strnlen_user(str, len, top);
281 }
282
283 #define strlen_user(str) strnlen_user((str), 0x7ffffffe)
284
285 #endif /* __ASSEMBLY__ */
286
287 #endif /* _PPC64_UACCESS_H */
288