xref: /linux/arch/s390/include/asm/uaccess.h (revision 95e9fd10f06cb5642028b6b851e32b8c8afb4571) 
1 /*
2  *  S390 version
3  *    Copyright IBM Corp. 1999, 2000
4  *    Author(s): Hartmut Penner (hp@de.ibm.com),
5  *               Martin Schwidefsky (schwidefsky@de.ibm.com)
6  *
7  *  Derived from "include/asm-i386/uaccess.h"
8  */
9 #ifndef __S390_UACCESS_H
10 #define __S390_UACCESS_H
11 
12 /*
13  * User space memory access functions
14  */
15 #include <linux/sched.h>
16 #include <linux/errno.h>
17 #include <asm/ctl_reg.h>
18 
19 #define VERIFY_READ     0
20 #define VERIFY_WRITE    1
21 
22 
23 /*
24  * The fs value determines whether argument validity checking should be
25  * performed or not.  If get_fs() == USER_DS, checking is performed, with
26  * get_fs() == KERNEL_DS, checking is bypassed.
27  *
28  * For historical reasons, these macros are grossly misnamed.
29  */
30 
31 #define MAKE_MM_SEG(a)  ((mm_segment_t) { (a) })
32 
33 
34 #define KERNEL_DS       MAKE_MM_SEG(0)
35 #define USER_DS         MAKE_MM_SEG(1)
36 
37 #define get_ds()        (KERNEL_DS)
38 #define get_fs()        (current->thread.mm_segment)
39 
40 #define set_fs(x) \
41 ({									\
42 	unsigned long __pto;						\
43 	current->thread.mm_segment = (x);				\
44 	__pto = current->thread.mm_segment.ar4 ?			\
45 		S390_lowcore.user_asce : S390_lowcore.kernel_asce;	\
46 	__ctl_load(__pto, 7, 7);					\
47 })
48 
49 #define segment_eq(a,b) ((a).ar4 == (b).ar4)
50 
51 static inline int __range_ok(unsigned long addr, unsigned long size)
52 {
53 	return 1;
54 }
55 
56 #define __access_ok(addr, size)				\
57 ({							\
58 	__chk_user_ptr(addr);				\
59 	__range_ok((unsigned long)(addr), (size));	\
60 })
61 
62 #define access_ok(type, addr, size) __access_ok(addr, size)
63 
64 /*
65  * The exception table consists of pairs of addresses: the first is the
66  * address of an instruction that is allowed to fault, and the second is
67  * the address at which the program should continue.  No registers are
68  * modified, so it is entirely up to the continuation code to figure out
69  * what to do.
70  *
71  * All the routines below use bits of fixup code that are out of line
72  * with the main instruction path.  This means when everything is well,
73  * we don't even have to jump over them.  Further, they do not intrude
74  * on our cache or tlb entries.
75  */
76 
77 struct exception_table_entry
78 {
79         unsigned long insn, fixup;
80 };
81 
82 struct uaccess_ops {
83 	size_t (*copy_from_user)(size_t, const void __user *, void *);
84 	size_t (*copy_from_user_small)(size_t, const void __user *, void *);
85 	size_t (*copy_to_user)(size_t, void __user *, const void *);
86 	size_t (*copy_to_user_small)(size_t, void __user *, const void *);
87 	size_t (*copy_in_user)(size_t, void __user *, const void __user *);
88 	size_t (*clear_user)(size_t, void __user *);
89 	size_t (*strnlen_user)(size_t, const char __user *);
90 	size_t (*strncpy_from_user)(size_t, const char __user *, char *);
91 	int (*futex_atomic_op)(int op, u32 __user *, int oparg, int *old);
92 	int (*futex_atomic_cmpxchg)(u32 *, u32 __user *, u32 old, u32 new);
93 };
94 
95 extern struct uaccess_ops uaccess;
96 extern struct uaccess_ops uaccess_std;
97 extern struct uaccess_ops uaccess_mvcos;
98 extern struct uaccess_ops uaccess_mvcos_switch;
99 extern struct uaccess_ops uaccess_pt;
100 
101 extern int __handle_fault(unsigned long, unsigned long, int);
102 
103 static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
104 {
105 	size = uaccess.copy_to_user_small(size, ptr, x);
106 	return size ? -EFAULT : size;
107 }
108 
109 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
110 {
111 	size = uaccess.copy_from_user_small(size, ptr, x);
112 	return size ? -EFAULT : size;
113 }
114 
115 /*
116  * These are the main single-value transfer routines.  They automatically
117  * use the right size if we just have the right pointer type.
118  */
119 #define __put_user(x, ptr) \
120 ({								\
121 	__typeof__(*(ptr)) __x = (x);				\
122 	int __pu_err = -EFAULT;					\
123         __chk_user_ptr(ptr);                                    \
124 	switch (sizeof (*(ptr))) {				\
125 	case 1:							\
126 	case 2:							\
127 	case 4:							\
128 	case 8:							\
129 		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
130 					 ptr, &__x);		\
131 		break;						\
132 	default:						\
133 		__put_user_bad();				\
134 		break;						\
135 	 }							\
136 	__pu_err;						\
137 })
138 
139 #define put_user(x, ptr)					\
140 ({								\
141 	might_fault();						\
142 	__put_user(x, ptr);					\
143 })
144 
145 
146 extern int __put_user_bad(void) __attribute__((noreturn));
147 
148 #define __get_user(x, ptr)					\
149 ({								\
150 	int __gu_err = -EFAULT;					\
151 	__chk_user_ptr(ptr);					\
152 	switch (sizeof(*(ptr))) {				\
153 	case 1: {						\
154 		unsigned char __x;				\
155 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
156 					 ptr, &__x);		\
157 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
158 		break;						\
159 	};							\
160 	case 2: {						\
161 		unsigned short __x;				\
162 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
163 					 ptr, &__x);		\
164 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
165 		break;						\
166 	};							\
167 	case 4: {						\
168 		unsigned int __x;				\
169 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
170 					 ptr, &__x);		\
171 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
172 		break;						\
173 	};							\
174 	case 8: {						\
175 		unsigned long long __x;				\
176 		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
177 					 ptr, &__x);		\
178 		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
179 		break;						\
180 	};							\
181 	default:						\
182 		__get_user_bad();				\
183 		break;						\
184 	}							\
185 	__gu_err;						\
186 })
187 
188 #define get_user(x, ptr)					\
189 ({								\
190 	might_fault();						\
191 	__get_user(x, ptr);					\
192 })
193 
194 extern int __get_user_bad(void) __attribute__((noreturn));
195 
196 #define __put_user_unaligned __put_user
197 #define __get_user_unaligned __get_user
198 
199 /**
200  * __copy_to_user: - Copy a block of data into user space, with less checking.
201  * @to:   Destination address, in user space.
202  * @from: Source address, in kernel space.
203  * @n:    Number of bytes to copy.
204  *
205  * Context: User context only.  This function may sleep.
206  *
207  * Copy data from kernel space to user space.  Caller must check
208  * the specified block with access_ok() before calling this function.
209  *
210  * Returns number of bytes that could not be copied.
211  * On success, this will be zero.
212  */
213 static inline unsigned long __must_check
214 __copy_to_user(void __user *to, const void *from, unsigned long n)
215 {
216 	if (__builtin_constant_p(n) && (n <= 256))
217 		return uaccess.copy_to_user_small(n, to, from);
218 	else
219 		return uaccess.copy_to_user(n, to, from);
220 }
221 
222 #define __copy_to_user_inatomic __copy_to_user
223 #define __copy_from_user_inatomic __copy_from_user
224 
225 /**
226  * copy_to_user: - Copy a block of data into user space.
227  * @to:   Destination address, in user space.
228  * @from: Source address, in kernel space.
229  * @n:    Number of bytes to copy.
230  *
231  * Context: User context only.  This function may sleep.
232  *
233  * Copy data from kernel space to user space.
234  *
235  * Returns number of bytes that could not be copied.
236  * On success, this will be zero.
237  */
238 static inline unsigned long __must_check
239 copy_to_user(void __user *to, const void *from, unsigned long n)
240 {
241 	might_fault();
242 	if (access_ok(VERIFY_WRITE, to, n))
243 		n = __copy_to_user(to, from, n);
244 	return n;
245 }
246 
247 /**
248  * __copy_from_user: - Copy a block of data from user space, with less checking.
249  * @to:   Destination address, in kernel space.
250  * @from: Source address, in user space.
251  * @n:    Number of bytes to copy.
252  *
253  * Context: User context only.  This function may sleep.
254  *
255  * Copy data from user space to kernel space.  Caller must check
256  * the specified block with access_ok() before calling this function.
257  *
258  * Returns number of bytes that could not be copied.
259  * On success, this will be zero.
260  *
261  * If some data could not be copied, this function will pad the copied
262  * data to the requested size using zero bytes.
263  */
264 static inline unsigned long __must_check
265 __copy_from_user(void *to, const void __user *from, unsigned long n)
266 {
267 	if (__builtin_constant_p(n) && (n <= 256))
268 		return uaccess.copy_from_user_small(n, from, to);
269 	else
270 		return uaccess.copy_from_user(n, from, to);
271 }
272 
273 extern void copy_from_user_overflow(void)
274 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
275 __compiletime_warning("copy_from_user() buffer size is not provably correct")
276 #endif
277 ;
278 
279 /**
280  * copy_from_user: - Copy a block of data from user space.
281  * @to:   Destination address, in kernel space.
282  * @from: Source address, in user space.
283  * @n:    Number of bytes to copy.
284  *
285  * Context: User context only.  This function may sleep.
286  *
287  * Copy data from user space to kernel space.
288  *
289  * Returns number of bytes that could not be copied.
290  * On success, this will be zero.
291  *
292  * If some data could not be copied, this function will pad the copied
293  * data to the requested size using zero bytes.
294  */
295 static inline unsigned long __must_check
296 copy_from_user(void *to, const void __user *from, unsigned long n)
297 {
298 	unsigned int sz = __compiletime_object_size(to);
299 
300 	might_fault();
301 	if (unlikely(sz != -1 && sz < n)) {
302 		copy_from_user_overflow();
303 		return n;
304 	}
305 	if (access_ok(VERIFY_READ, from, n))
306 		n = __copy_from_user(to, from, n);
307 	else
308 		memset(to, 0, n);
309 	return n;
310 }
311 
312 static inline unsigned long __must_check
313 __copy_in_user(void __user *to, const void __user *from, unsigned long n)
314 {
315 	return uaccess.copy_in_user(n, to, from);
316 }
317 
318 static inline unsigned long __must_check
319 copy_in_user(void __user *to, const void __user *from, unsigned long n)
320 {
321 	might_fault();
322 	if (__access_ok(from,n) && __access_ok(to,n))
323 		n = __copy_in_user(to, from, n);
324 	return n;
325 }
326 
327 /*
328  * Copy a null terminated string from userspace.
329  */
330 static inline long __must_check
331 strncpy_from_user(char *dst, const char __user *src, long count)
332 {
333         long res = -EFAULT;
334 	might_fault();
335         if (access_ok(VERIFY_READ, src, 1))
336 		res = uaccess.strncpy_from_user(count, src, dst);
337         return res;
338 }
339 
340 static inline unsigned long
341 strnlen_user(const char __user * src, unsigned long n)
342 {
343 	might_fault();
344 	return uaccess.strnlen_user(n, src);
345 }
346 
347 /**
348  * strlen_user: - Get the size of a string in user space.
349  * @str: The string to measure.
350  *
351  * Context: User context only.  This function may sleep.
352  *
353  * Get the size of a NUL-terminated string in user space.
354  *
355  * Returns the size of the string INCLUDING the terminating NUL.
356  * On exception, returns 0.
357  *
358  * If there is a limit on the length of a valid string, you may wish to
359  * consider using strnlen_user() instead.
360  */
361 #define strlen_user(str) strnlen_user(str, ~0UL)
362 
363 /*
364  * Zero Userspace
365  */
366 
367 static inline unsigned long __must_check
368 __clear_user(void __user *to, unsigned long n)
369 {
370 	return uaccess.clear_user(n, to);
371 }
372 
373 static inline unsigned long __must_check
374 clear_user(void __user *to, unsigned long n)
375 {
376 	might_fault();
377 	if (access_ok(VERIFY_WRITE, to, n))
378 		n = uaccess.clear_user(n, to);
379 	return n;
380 }
381 
382 extern int copy_to_user_real(void __user *dest, void *src, size_t count);
383 extern int copy_from_user_real(void *dest, void __user *src, size_t count);
384 
385 #endif /* __S390_UACCESS_H */
386