1#ifndef _PPC64_UACCESS_H
2#define _PPC64_UACCESS_H
3
4/*
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
9 */
10
11#ifndef __ASSEMBLY__
12#include <linux/sched.h>
13#include <linux/errno.h>
14#include <asm/processor.h>
15
16#define VERIFY_READ	0
17#define VERIFY_WRITE	1
18
19/*
20 * The fs value determines whether argument validity checking should be
21 * performed or not.  If get_fs() == USER_DS, checking is performed, with
22 * get_fs() == KERNEL_DS, checking is bypassed.
23 *
24 * For historical reasons, these macros are grossly misnamed.
25 */
26
27#define KERNEL_DS	((mm_segment_t) { 0 })
28#define USER_DS		((mm_segment_t) { 1 })
29
30#define get_ds()	(KERNEL_DS)
31#define get_fs()	(current->thread.fs)
32#define set_fs(val)	(current->thread.fs = (val))
33
34#define segment_eq(a,b)	((a).seg == (b).seg)
35
36#define __kernel_ok (segment_eq(get_fs(), KERNEL_DS))
37#define __user_ok(addr,size) (((size) <= TASK_SIZE)&&((addr) <= TASK_SIZE-(size)))
38#define __access_ok(addr,size) (__kernel_ok || __user_ok((addr),(size)))
39#define access_ok(type,addr,size) __access_ok((unsigned long)(addr),(size))
40
41static inline int verify_area(int type, const void * addr, unsigned long size)
42{
43	return access_ok(type,addr,size) ? 0 : -EFAULT;
44}
45
46
47/*
48 * The exception table consists of pairs of addresses: the first is the
49 * address of an instruction that is allowed to fault, and the second is
50 * the address at which the program should continue.  No registers are
51 * modified, so it is entirely up to the continuation code to figure out
52 * what to do.
53 *
54 * All the routines below use bits of fixup code that are out of line
55 * with the main instruction path.  This means when everything is well,
56 * we don't even have to jump over them.  Further, they do not intrude
57 * on our cache or tlb entries.
58 */
59
60struct exception_table_entry
61{
62	unsigned long insn, fixup;
63};
64
65/* Returns 0 if exception not found and fixup otherwise.  */
66extern unsigned long search_exception_table(unsigned long);
67extern void sort_exception_table(void);
68
69/*
70 * These are the main single-value transfer routines.  They automatically
71 * use the right size if we just have the right pointer type.
72 *
73 * This gets kind of ugly. We want to return _two_ values in "get_user()"
74 * and yet we don't want to do any pointers, because that is too much
75 * of a performance impact. Thus we have a few rather ugly macros here,
76 * and hide all the uglyness from the user.
77 *
78 * The "__xxx" versions of the user access functions are versions that
79 * do not verify the address space, that must have been done previously
80 * with a separate "access_ok()" call (this is used when we do multiple
81 * accesses to the same area of user memory).
82 *
83 * As we use the same address space for kernel and user data on the
84 * PowerPC, we can just do these as direct assignments.  (Of course, the
85 * exception handling means that it's no longer "just"...)
86 */
87#define get_user(x,ptr) \
88  __get_user_check((x),(ptr),sizeof(*(ptr)))
89#define put_user(x,ptr) \
90  __put_user_check((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr)))
91
92#define __get_user(x,ptr) \
93  __get_user_nocheck((x),(ptr),sizeof(*(ptr)))
94#define __put_user(x,ptr) \
95  __put_user_nocheck((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr)))
96
97extern long __put_user_bad(void);
98
99#define __put_user_nocheck(x,ptr,size)			\
100({							\
101	long __pu_err;					\
102	__put_user_size((x),(ptr),(size),__pu_err);	\
103	__pu_err;					\
104})
105
106#define __put_user_check(x,ptr,size)				\
107({								\
108	long __pu_err = -EFAULT;				\
109	__typeof__(*(ptr)) *__pu_addr = (ptr);			\
110	if (access_ok(VERIFY_WRITE,__pu_addr,size))		\
111		__put_user_size((x),__pu_addr,(size),__pu_err);	\
112	__pu_err;						\
113})
114
115#define __put_user_size(x,ptr,size,retval)			\
116do {								\
117	retval = 0;						\
118	switch (size) {						\
119	  case 1: __put_user_asm(x,ptr,retval,"stb"); break;	\
120	  case 2: __put_user_asm(x,ptr,retval,"sth"); break;	\
121	  case 4: __put_user_asm(x,ptr,retval,"stw"); break;	\
122	  case 8: __put_user_asm(x,ptr,retval,"std"); break; 	\
123	  default: __put_user_bad();				\
124	}							\
125} while (0)
126
127/*
128 * We don't tell gcc that we are accessing memory, but this is OK
129 * because we do not write to any memory gcc knows about, so there
130 * are no aliasing issues.
131 */
132#define __put_user_asm(x, addr, err, op)			\
133	__asm__ __volatile__(					\
134		"1:	"op" %1,0(%2)\n"			\
135		"2:\n"						\
136		".section .fixup,\"ax\"\n"			\
137		"3:	li %0,%3\n"				\
138		"	b 2b\n"					\
139		".previous\n"					\
140		".section __ex_table,\"a\"\n"			\
141		"	.align 3\n"				\
142		"	.llong 1b,3b\n"				\
143		".previous"					\
144		: "=r"(err)					\
145		: "r"(x), "b"(addr), "i"(-EFAULT), "0"(err))
146
147
148#define __get_user_nocheck(x,ptr,size)				\
149({								\
150	long __gu_err, __gu_val;				\
151	__get_user_size(__gu_val,(ptr),(size),__gu_err);	\
152	(x) = (__typeof__(*(ptr)))__gu_val;			\
153	__gu_err;						\
154})
155
156#define __get_user_check(x,ptr,size)					\
157({									\
158	long __gu_err = -EFAULT, __gu_val = 0;				\
159	const __typeof__(*(ptr)) *__gu_addr = (ptr);			\
160	if (access_ok(VERIFY_READ,__gu_addr,size))			\
161		__get_user_size(__gu_val,__gu_addr,(size),__gu_err);	\
162	(x) = (__typeof__(*(ptr)))__gu_val;				\
163	__gu_err;							\
164})
165
166extern long __get_user_bad(void);
167
168#define __get_user_size(x,ptr,size,retval)			\
169do {								\
170	retval = 0;						\
171	switch (size) {						\
172	  case 1: __get_user_asm(x,ptr,retval,"lbz"); break;	\
173	  case 2: __get_user_asm(x,ptr,retval,"lhz"); break;	\
174	  case 4: __get_user_asm(x,ptr,retval,"lwz"); break;	\
175	  case 8: __get_user_asm(x,ptr,retval,"ld");  break;    \
176	  default: (x) = __get_user_bad();			\
177	}							\
178} while (0)
179
180#define __get_user_asm(x, addr, err, op)		\
181	__asm__ __volatile__(				\
182		"1:	"op" %1,0(%2)\n"		\
183		"2:\n"					\
184		".section .fixup,\"ax\"\n"		\
185		"3:	li %0,%3\n"			\
186		"	li %1,0\n"			\
187		"	b 2b\n"				\
188		".previous\n"				\
189		".section __ex_table,\"a\"\n"		\
190		"	.align 3\n"			\
191		"	.llong 1b,3b\n"			\
192		".previous"				\
193		: "=r"(err), "=r"(x)			\
194		: "b"(addr), "i"(-EFAULT), "0"(err))
195
196/* more complex routines */
197
198extern unsigned long __copy_tofrom_user(void *to, const void *from, unsigned long size);
199
200static inline unsigned long
201copy_from_user(void *to, const void *from, unsigned long n)
202{
203	unsigned long over;
204
205	if (access_ok(VERIFY_READ, from, n))
206		return __copy_tofrom_user(to, from, n);
207	if ((unsigned long)from < TASK_SIZE) {
208		over = (unsigned long)from + n - TASK_SIZE;
209		return __copy_tofrom_user(to, from, n - over) + over;
210	}
211	return n;
212}
213
214static inline unsigned long
215copy_to_user(void *to, const void *from, unsigned long n)
216{
217	unsigned long over;
218
219	if (access_ok(VERIFY_WRITE, to, n))
220		return __copy_tofrom_user(to, from, n);
221	if ((unsigned long)to < TASK_SIZE) {
222		over = (unsigned long)to + n - TASK_SIZE;
223		return __copy_tofrom_user(to, from, n - over) + over;
224	}
225	return n;
226}
227
228#define __copy_from_user(to, from, size) \
229	__copy_tofrom_user((to), (from), (size))
230#define __copy_to_user(to, from, size) \
231	__copy_tofrom_user((to), (from), (size))
232
233extern unsigned long __clear_user(void *addr, unsigned long size);
234
235static inline unsigned long
236clear_user(void *addr, unsigned long size)
237{
238	if (access_ok(VERIFY_WRITE, addr, size))
239		return __clear_user(addr, size);
240	if ((unsigned long)addr < TASK_SIZE) {
241		unsigned long over = (unsigned long)addr + size - TASK_SIZE;
242		return __clear_user(addr, size - over) + over;
243	}
244	return size;
245}
246
247extern int __strncpy_from_user(char *dst, const char *src, long count);
248
249static inline long
250strncpy_from_user(char *dst, const char *src, long count)
251{
252	if (access_ok(VERIFY_READ, src, 1))
253		return __strncpy_from_user(dst, src, count);
254	return -EFAULT;
255}
256
257/*
258 * Return the size of a string (including the ending 0)
259 *
260 * Return 0 for error
261 */
262
263extern int __strnlen_user(const char *str, long len, unsigned long top);
264
265/*
266 * Returns the length of the string at str (including the null byte),
267 * or 0 if we hit a page we can't access,
268 * or something > len if we didn't find a null byte.
269 *
270 * The `top' parameter to __strnlen_user is to make sure that
271 * we can never overflow from the user area into kernel space.
272 */
273static inline int strnlen_user(const char *str, long len)
274{
275	unsigned long top = __kernel_ok? ~0UL: TASK_SIZE - 1;
276
277	if ((unsigned long)str > top)
278		return 0;
279	return __strnlen_user(str, len, top);
280}
281
282#define strlen_user(str)	strnlen_user((str), 0x7ffffffe)
283
284#endif  /* __ASSEMBLY__ */
285
286#endif	/* _PPC64_UACCESS_H */
287