1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 /* 3 * Copyright (C) 2012 Regents of the University of California 4 * 5 * This file was copied from include/asm-generic/uaccess.h 6 */ 7 8 #ifndef _ASM_RISCV_UACCESS_H 9 #define _ASM_RISCV_UACCESS_H 10 11 #include <asm/asm-extable.h> 12 #include <asm/pgtable.h> /* for TASK_SIZE */ 13 14 /* 15 * User space memory access functions 16 */ 17 #ifdef CONFIG_MMU 18 #include <linux/errno.h> 19 #include <linux/compiler.h> 20 #include <linux/thread_info.h> 21 #include <asm/byteorder.h> 22 #include <asm/extable.h> 23 #include <asm/asm.h> 24 25 #define __enable_user_access() \ 26 __asm__ __volatile__ ("csrs sstatus, %0" : : "r" (SR_SUM) : "memory") 27 #define __disable_user_access() \ 28 __asm__ __volatile__ ("csrc sstatus, %0" : : "r" (SR_SUM) : "memory") 29 30 /** 31 * access_ok: - Checks if a user space pointer is valid 32 * @addr: User space pointer to start of block to check 33 * @size: Size of block to check 34 * 35 * Context: User context only. This function may sleep. 36 * 37 * Checks if a pointer to a block of memory in user space is valid. 38 * 39 * Returns true (nonzero) if the memory block may be valid, false (zero) 40 * if it is definitely invalid. 41 * 42 * Note that, depending on architecture, this function probably just 43 * checks that the pointer is in the user space range - after calling 44 * this function, memory access functions may still return -EFAULT. 45 */ 46 #define access_ok(addr, size) ({ \ 47 __chk_user_ptr(addr); \ 48 likely(__access_ok((unsigned long __force)(addr), (size))); \ 49 }) 50 51 /* 52 * Ensure that the range [addr, addr+size) is within the process's 53 * address space 54 */ 55 static inline int __access_ok(unsigned long addr, unsigned long size) 56 { 57 return size <= TASK_SIZE && addr <= TASK_SIZE - size; 58 } 59 60 /* 61 * The exception table consists of pairs of addresses: the first is the 62 * address of an instruction that is allowed to fault, and the second is 63 * the address at which the program should continue. No registers are 64 * modified, so it is entirely up to the continuation code to figure out 65 * what to do. 66 * 67 * All the routines below use bits of fixup code that are out of line 68 * with the main instruction path. This means when everything is well, 69 * we don't even have to jump over them. Further, they do not intrude 70 * on our cache or tlb entries. 71 */ 72 73 #define __LSW 0 74 #define __MSW 1 75 76 /* 77 * The "__xxx" versions of the user access functions do not verify the address 78 * space - it must have been done previously with a separate "access_ok()" 79 * call. 80 */ 81 82 #define __get_user_asm(insn, x, ptr, err) \ 83 do { \ 84 uintptr_t __tmp; \ 85 __typeof__(x) __x; \ 86 __asm__ __volatile__ ( \ 87 "1:\n" \ 88 " " insn " %1, %3\n" \ 89 "2:\n" \ 90 " .section .fixup,\"ax\"\n" \ 91 " .balign 4\n" \ 92 "3:\n" \ 93 " li %0, %4\n" \ 94 " li %1, 0\n" \ 95 " jump 2b, %2\n" \ 96 " .previous\n" \ 97 _ASM_EXTABLE(1b, 3b) \ 98 : "+r" (err), "=&r" (__x), "=r" (__tmp) \ 99 : "m" (*(ptr)), "i" (-EFAULT)); \ 100 (x) = __x; \ 101 } while (0) 102 103 #ifdef CONFIG_64BIT 104 #define __get_user_8(x, ptr, err) \ 105 __get_user_asm("ld", x, ptr, err) 106 #else /* !CONFIG_64BIT */ 107 #define __get_user_8(x, ptr, err) \ 108 do { \ 109 u32 __user *__ptr = (u32 __user *)(ptr); \ 110 u32 __lo, __hi; \ 111 uintptr_t __tmp; \ 112 __asm__ __volatile__ ( \ 113 "1:\n" \ 114 " lw %1, %4\n" \ 115 "2:\n" \ 116 " lw %2, %5\n" \ 117 "3:\n" \ 118 " .section .fixup,\"ax\"\n" \ 119 " .balign 4\n" \ 120 "4:\n" \ 121 " li %0, %6\n" \ 122 " li %1, 0\n" \ 123 " li %2, 0\n" \ 124 " jump 3b, %3\n" \ 125 " .previous\n" \ 126 _ASM_EXTABLE(1b, 4b) \ 127 _ASM_EXTABLE(2b, 4b) \ 128 : "+r" (err), "=&r" (__lo), "=r" (__hi), \ 129 "=r" (__tmp) \ 130 : "m" (__ptr[__LSW]), "m" (__ptr[__MSW]), \ 131 "i" (-EFAULT)); \ 132 (x) = (__typeof__(x))((__typeof__((x)-(x)))( \ 133 (((u64)__hi << 32) | __lo))); \ 134 } while (0) 135 #endif /* CONFIG_64BIT */ 136 137 #define __get_user_nocheck(x, __gu_ptr, __gu_err) \ 138 do { \ 139 switch (sizeof(*__gu_ptr)) { \ 140 case 1: \ 141 __get_user_asm("lb", (x), __gu_ptr, __gu_err); \ 142 break; \ 143 case 2: \ 144 __get_user_asm("lh", (x), __gu_ptr, __gu_err); \ 145 break; \ 146 case 4: \ 147 __get_user_asm("lw", (x), __gu_ptr, __gu_err); \ 148 break; \ 149 case 8: \ 150 __get_user_8((x), __gu_ptr, __gu_err); \ 151 break; \ 152 default: \ 153 BUILD_BUG(); \ 154 } \ 155 } while (0) 156 157 /** 158 * __get_user: - Get a simple variable from user space, with less checking. 159 * @x: Variable to store result. 160 * @ptr: Source address, in user space. 161 * 162 * Context: User context only. This function may sleep. 163 * 164 * This macro copies a single simple variable from user space to kernel 165 * space. It supports simple types like char and int, but not larger 166 * data types like structures or arrays. 167 * 168 * @ptr must have pointer-to-simple-variable type, and the result of 169 * dereferencing @ptr must be assignable to @x without a cast. 170 * 171 * Caller must check the pointer with access_ok() before calling this 172 * function. 173 * 174 * Returns zero on success, or -EFAULT on error. 175 * On error, the variable @x is set to zero. 176 */ 177 #define __get_user(x, ptr) \ 178 ({ \ 179 const __typeof__(*(ptr)) __user *__gu_ptr = (ptr); \ 180 long __gu_err = 0; \ 181 \ 182 __chk_user_ptr(__gu_ptr); \ 183 \ 184 __enable_user_access(); \ 185 __get_user_nocheck(x, __gu_ptr, __gu_err); \ 186 __disable_user_access(); \ 187 \ 188 __gu_err; \ 189 }) 190 191 /** 192 * get_user: - Get a simple variable from user space. 193 * @x: Variable to store result. 194 * @ptr: Source address, in user space. 195 * 196 * Context: User context only. This function may sleep. 197 * 198 * This macro copies a single simple variable from user space to kernel 199 * space. It supports simple types like char and int, but not larger 200 * data types like structures or arrays. 201 * 202 * @ptr must have pointer-to-simple-variable type, and the result of 203 * dereferencing @ptr must be assignable to @x without a cast. 204 * 205 * Returns zero on success, or -EFAULT on error. 206 * On error, the variable @x is set to zero. 207 */ 208 #define get_user(x, ptr) \ 209 ({ \ 210 const __typeof__(*(ptr)) __user *__p = (ptr); \ 211 might_fault(); \ 212 access_ok(__p, sizeof(*__p)) ? \ 213 __get_user((x), __p) : \ 214 ((x) = 0, -EFAULT); \ 215 }) 216 217 #define __put_user_asm(insn, x, ptr, err) \ 218 do { \ 219 uintptr_t __tmp; \ 220 __typeof__(*(ptr)) __x = x; \ 221 __asm__ __volatile__ ( \ 222 "1:\n" \ 223 " " insn " %z3, %2\n" \ 224 "2:\n" \ 225 " .section .fixup,\"ax\"\n" \ 226 " .balign 4\n" \ 227 "3:\n" \ 228 " li %0, %4\n" \ 229 " jump 2b, %1\n" \ 230 " .previous\n" \ 231 _ASM_EXTABLE(1b, 3b) \ 232 : "+r" (err), "=r" (__tmp), "=m" (*(ptr)) \ 233 : "rJ" (__x), "i" (-EFAULT)); \ 234 } while (0) 235 236 #ifdef CONFIG_64BIT 237 #define __put_user_8(x, ptr, err) \ 238 __put_user_asm("sd", x, ptr, err) 239 #else /* !CONFIG_64BIT */ 240 #define __put_user_8(x, ptr, err) \ 241 do { \ 242 u32 __user *__ptr = (u32 __user *)(ptr); \ 243 u64 __x = (__typeof__((x)-(x)))(x); \ 244 uintptr_t __tmp; \ 245 __asm__ __volatile__ ( \ 246 "1:\n" \ 247 " sw %z4, %2\n" \ 248 "2:\n" \ 249 " sw %z5, %3\n" \ 250 "3:\n" \ 251 " .section .fixup,\"ax\"\n" \ 252 " .balign 4\n" \ 253 "4:\n" \ 254 " li %0, %6\n" \ 255 " jump 3b, %1\n" \ 256 " .previous\n" \ 257 _ASM_EXTABLE(1b, 4b) \ 258 _ASM_EXTABLE(2b, 4b) \ 259 : "+r" (err), "=r" (__tmp), \ 260 "=m" (__ptr[__LSW]), \ 261 "=m" (__ptr[__MSW]) \ 262 : "rJ" (__x), "rJ" (__x >> 32), "i" (-EFAULT)); \ 263 } while (0) 264 #endif /* CONFIG_64BIT */ 265 266 #define __put_user_nocheck(x, __gu_ptr, __pu_err) \ 267 do { \ 268 switch (sizeof(*__gu_ptr)) { \ 269 case 1: \ 270 __put_user_asm("sb", (x), __gu_ptr, __pu_err); \ 271 break; \ 272 case 2: \ 273 __put_user_asm("sh", (x), __gu_ptr, __pu_err); \ 274 break; \ 275 case 4: \ 276 __put_user_asm("sw", (x), __gu_ptr, __pu_err); \ 277 break; \ 278 case 8: \ 279 __put_user_8((x), __gu_ptr, __pu_err); \ 280 break; \ 281 default: \ 282 BUILD_BUG(); \ 283 } \ 284 } while (0) 285 286 /** 287 * __put_user: - Write a simple value into user space, with less checking. 288 * @x: Value to copy to user space. 289 * @ptr: Destination address, in user space. 290 * 291 * Context: User context only. This function may sleep. 292 * 293 * This macro copies a single simple value from kernel space to user 294 * space. It supports simple types like char and int, but not larger 295 * data types like structures or arrays. 296 * 297 * @ptr must have pointer-to-simple-variable type, and @x must be assignable 298 * to the result of dereferencing @ptr. The value of @x is copied to avoid 299 * re-ordering where @x is evaluated inside the block that enables user-space 300 * access (thus bypassing user space protection if @x is a function). 301 * 302 * Caller must check the pointer with access_ok() before calling this 303 * function. 304 * 305 * Returns zero on success, or -EFAULT on error. 306 */ 307 #define __put_user(x, ptr) \ 308 ({ \ 309 __typeof__(*(ptr)) __user *__gu_ptr = (ptr); \ 310 __typeof__(*__gu_ptr) __val = (x); \ 311 long __pu_err = 0; \ 312 \ 313 __chk_user_ptr(__gu_ptr); \ 314 \ 315 __enable_user_access(); \ 316 __put_user_nocheck(__val, __gu_ptr, __pu_err); \ 317 __disable_user_access(); \ 318 \ 319 __pu_err; \ 320 }) 321 322 /** 323 * put_user: - Write a simple value into user space. 324 * @x: Value to copy to user space. 325 * @ptr: Destination address, in user space. 326 * 327 * Context: User context only. This function may sleep. 328 * 329 * This macro copies a single simple value from kernel space to user 330 * space. It supports simple types like char and int, but not larger 331 * data types like structures or arrays. 332 * 333 * @ptr must have pointer-to-simple-variable type, and @x must be assignable 334 * to the result of dereferencing @ptr. 335 * 336 * Returns zero on success, or -EFAULT on error. 337 */ 338 #define put_user(x, ptr) \ 339 ({ \ 340 __typeof__(*(ptr)) __user *__p = (ptr); \ 341 might_fault(); \ 342 access_ok(__p, sizeof(*__p)) ? \ 343 __put_user((x), __p) : \ 344 -EFAULT; \ 345 }) 346 347 348 unsigned long __must_check __asm_copy_to_user(void __user *to, 349 const void *from, unsigned long n); 350 unsigned long __must_check __asm_copy_from_user(void *to, 351 const void __user *from, unsigned long n); 352 353 static inline unsigned long 354 raw_copy_from_user(void *to, const void __user *from, unsigned long n) 355 { 356 return __asm_copy_from_user(to, from, n); 357 } 358 359 static inline unsigned long 360 raw_copy_to_user(void __user *to, const void *from, unsigned long n) 361 { 362 return __asm_copy_to_user(to, from, n); 363 } 364 365 extern long strncpy_from_user(char *dest, const char __user *src, long count); 366 367 extern long __must_check strnlen_user(const char __user *str, long n); 368 369 extern 370 unsigned long __must_check __clear_user(void __user *addr, unsigned long n); 371 372 static inline 373 unsigned long __must_check clear_user(void __user *to, unsigned long n) 374 { 375 might_fault(); 376 return access_ok(to, n) ? 377 __clear_user(to, n) : n; 378 } 379 380 #define HAVE_GET_KERNEL_NOFAULT 381 382 #define __get_kernel_nofault(dst, src, type, err_label) \ 383 do { \ 384 long __kr_err; \ 385 \ 386 __get_user_nocheck(*((type *)(dst)), (type *)(src), __kr_err); \ 387 if (unlikely(__kr_err)) \ 388 goto err_label; \ 389 } while (0) 390 391 #define __put_kernel_nofault(dst, src, type, err_label) \ 392 do { \ 393 long __kr_err; \ 394 \ 395 __put_user_nocheck(*((type *)(src)), (type *)(dst), __kr_err); \ 396 if (unlikely(__kr_err)) \ 397 goto err_label; \ 398 } while (0) 399 400 #else /* CONFIG_MMU */ 401 #include <asm-generic/uaccess.h> 402 #endif /* CONFIG_MMU */ 403 #endif /* _ASM_RISCV_UACCESS_H */ 404