1#ifndef _PPC64_UACCESS_H 2#define _PPC64_UACCESS_H 3 4/* 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License 7 * as published by the Free Software Foundation; either version 8 * 2 of the License, or (at your option) any later version. 9 */ 10 11#ifndef __ASSEMBLY__ 12#include <linux/sched.h> 13#include <linux/errno.h> 14#include <asm/processor.h> 15 16#define VERIFY_READ 0 17#define VERIFY_WRITE 1 18 19/* 20 * The fs value determines whether argument validity checking should be 21 * performed or not. If get_fs() == USER_DS, checking is performed, with 22 * get_fs() == KERNEL_DS, checking is bypassed. 23 * 24 * For historical reasons, these macros are grossly misnamed. 25 */ 26 27#define KERNEL_DS ((mm_segment_t) { 0 }) 28#define USER_DS ((mm_segment_t) { 1 }) 29 30#define get_ds() (KERNEL_DS) 31#define get_fs() (current->thread.fs) 32#define set_fs(val) (current->thread.fs = (val)) 33 34#define segment_eq(a,b) ((a).seg == (b).seg) 35 36#define __kernel_ok (segment_eq(get_fs(), KERNEL_DS)) 37#define __user_ok(addr,size) (((size) <= TASK_SIZE)&&((addr) <= TASK_SIZE-(size))) 38#define __access_ok(addr,size) (__kernel_ok || __user_ok((addr),(size))) 39#define access_ok(type,addr,size) __access_ok((unsigned long)(addr),(size)) 40 41static inline int verify_area(int type, const void * addr, unsigned long size) 42{ 43 return access_ok(type,addr,size) ? 0 : -EFAULT; 44} 45 46 47/* 48 * The exception table consists of pairs of addresses: the first is the 49 * address of an instruction that is allowed to fault, and the second is 50 * the address at which the program should continue. No registers are 51 * modified, so it is entirely up to the continuation code to figure out 52 * what to do. 53 * 54 * All the routines below use bits of fixup code that are out of line 55 * with the main instruction path. This means when everything is well, 56 * we don't even have to jump over them. Further, they do not intrude 57 * on our cache or tlb entries. 58 */ 59 60struct exception_table_entry 61{ 62 unsigned long insn, fixup; 63}; 64 65/* Returns 0 if exception not found and fixup otherwise. */ 66extern unsigned long search_exception_table(unsigned long); 67extern void sort_exception_table(void); 68 69/* 70 * These are the main single-value transfer routines. They automatically 71 * use the right size if we just have the right pointer type. 72 * 73 * This gets kind of ugly. We want to return _two_ values in "get_user()" 74 * and yet we don't want to do any pointers, because that is too much 75 * of a performance impact. Thus we have a few rather ugly macros here, 76 * and hide all the uglyness from the user. 77 * 78 * The "__xxx" versions of the user access functions are versions that 79 * do not verify the address space, that must have been done previously 80 * with a separate "access_ok()" call (this is used when we do multiple 81 * accesses to the same area of user memory). 82 * 83 * As we use the same address space for kernel and user data on the 84 * PowerPC, we can just do these as direct assignments. (Of course, the 85 * exception handling means that it's no longer "just"...) 86 */ 87#define get_user(x,ptr) \ 88 __get_user_check((x),(ptr),sizeof(*(ptr))) 89#define put_user(x,ptr) \ 90 __put_user_check((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr))) 91 92#define __get_user(x,ptr) \ 93 __get_user_nocheck((x),(ptr),sizeof(*(ptr))) 94#define __put_user(x,ptr) \ 95 __put_user_nocheck((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr))) 96 97extern long __put_user_bad(void); 98 99#define __put_user_nocheck(x,ptr,size) \ 100({ \ 101 long __pu_err; \ 102 __put_user_size((x),(ptr),(size),__pu_err); \ 103 __pu_err; \ 104}) 105 106#define __put_user_check(x,ptr,size) \ 107({ \ 108 long __pu_err = -EFAULT; \ 109 __typeof__(*(ptr)) *__pu_addr = (ptr); \ 110 if (access_ok(VERIFY_WRITE,__pu_addr,size)) \ 111 __put_user_size((x),__pu_addr,(size),__pu_err); \ 112 __pu_err; \ 113}) 114 115#define __put_user_size(x,ptr,size,retval) \ 116do { \ 117 retval = 0; \ 118 switch (size) { \ 119 case 1: __put_user_asm(x,ptr,retval,"stb"); break; \ 120 case 2: __put_user_asm(x,ptr,retval,"sth"); break; \ 121 case 4: __put_user_asm(x,ptr,retval,"stw"); break; \ 122 case 8: __put_user_asm(x,ptr,retval,"std"); break; \ 123 default: __put_user_bad(); \ 124 } \ 125} while (0) 126 127/* 128 * We don't tell gcc that we are accessing memory, but this is OK 129 * because we do not write to any memory gcc knows about, so there 130 * are no aliasing issues. 131 */ 132#define __put_user_asm(x, addr, err, op) \ 133 __asm__ __volatile__( \ 134 "1: "op" %1,0(%2)\n" \ 135 "2:\n" \ 136 ".section .fixup,\"ax\"\n" \ 137 "3: li %0,%3\n" \ 138 " b 2b\n" \ 139 ".previous\n" \ 140 ".section __ex_table,\"a\"\n" \ 141 " .align 3\n" \ 142 " .llong 1b,3b\n" \ 143 ".previous" \ 144 : "=r"(err) \ 145 : "r"(x), "b"(addr), "i"(-EFAULT), "0"(err)) 146 147 148#define __get_user_nocheck(x,ptr,size) \ 149({ \ 150 long __gu_err, __gu_val; \ 151 __get_user_size(__gu_val,(ptr),(size),__gu_err); \ 152 (x) = (__typeof__(*(ptr)))__gu_val; \ 153 __gu_err; \ 154}) 155 156#define __get_user_check(x,ptr,size) \ 157({ \ 158 long __gu_err = -EFAULT, __gu_val = 0; \ 159 const __typeof__(*(ptr)) *__gu_addr = (ptr); \ 160 if (access_ok(VERIFY_READ,__gu_addr,size)) \ 161 __get_user_size(__gu_val,__gu_addr,(size),__gu_err); \ 162 (x) = (__typeof__(*(ptr)))__gu_val; \ 163 __gu_err; \ 164}) 165 166extern long __get_user_bad(void); 167 168#define __get_user_size(x,ptr,size,retval) \ 169do { \ 170 retval = 0; \ 171 switch (size) { \ 172 case 1: __get_user_asm(x,ptr,retval,"lbz"); break; \ 173 case 2: __get_user_asm(x,ptr,retval,"lhz"); break; \ 174 case 4: __get_user_asm(x,ptr,retval,"lwz"); break; \ 175 case 8: __get_user_asm(x,ptr,retval,"ld"); break; \ 176 default: (x) = __get_user_bad(); \ 177 } \ 178} while (0) 179 180#define __get_user_asm(x, addr, err, op) \ 181 __asm__ __volatile__( \ 182 "1: "op" %1,0(%2)\n" \ 183 "2:\n" \ 184 ".section .fixup,\"ax\"\n" \ 185 "3: li %0,%3\n" \ 186 " li %1,0\n" \ 187 " b 2b\n" \ 188 ".previous\n" \ 189 ".section __ex_table,\"a\"\n" \ 190 " .align 3\n" \ 191 " .llong 1b,3b\n" \ 192 ".previous" \ 193 : "=r"(err), "=r"(x) \ 194 : "b"(addr), "i"(-EFAULT), "0"(err)) 195 196/* more complex routines */ 197 198extern unsigned long __copy_tofrom_user(void *to, const void *from, unsigned long size); 199 200static inline unsigned long 201copy_from_user(void *to, const void *from, unsigned long n) 202{ 203 unsigned long over; 204 205 if (access_ok(VERIFY_READ, from, n)) 206 return __copy_tofrom_user(to, from, n); 207 if ((unsigned long)from < TASK_SIZE) { 208 over = (unsigned long)from + n - TASK_SIZE; 209 return __copy_tofrom_user(to, from, n - over) + over; 210 } 211 return n; 212} 213 214static inline unsigned long 215copy_to_user(void *to, const void *from, unsigned long n) 216{ 217 unsigned long over; 218 219 if (access_ok(VERIFY_WRITE, to, n)) 220 return __copy_tofrom_user(to, from, n); 221 if ((unsigned long)to < TASK_SIZE) { 222 over = (unsigned long)to + n - TASK_SIZE; 223 return __copy_tofrom_user(to, from, n - over) + over; 224 } 225 return n; 226} 227 228#define __copy_from_user(to, from, size) \ 229 __copy_tofrom_user((to), (from), (size)) 230#define __copy_to_user(to, from, size) \ 231 __copy_tofrom_user((to), (from), (size)) 232 233extern unsigned long __clear_user(void *addr, unsigned long size); 234 235static inline unsigned long 236clear_user(void *addr, unsigned long size) 237{ 238 if (access_ok(VERIFY_WRITE, addr, size)) 239 return __clear_user(addr, size); 240 if ((unsigned long)addr < TASK_SIZE) { 241 unsigned long over = (unsigned long)addr + size - TASK_SIZE; 242 return __clear_user(addr, size - over) + over; 243 } 244 return size; 245} 246 247extern int __strncpy_from_user(char *dst, const char *src, long count); 248 249static inline long 250strncpy_from_user(char *dst, const char *src, long count) 251{ 252 if (access_ok(VERIFY_READ, src, 1)) 253 return __strncpy_from_user(dst, src, count); 254 return -EFAULT; 255} 256 257/* 258 * Return the size of a string (including the ending 0) 259 * 260 * Return 0 for error 261 */ 262 263extern int __strnlen_user(const char *str, long len, unsigned long top); 264 265/* 266 * Returns the length of the string at str (including the null byte), 267 * or 0 if we hit a page we can't access, 268 * or something > len if we didn't find a null byte. 269 * 270 * The `top' parameter to __strnlen_user is to make sure that 271 * we can never overflow from the user area into kernel space. 272 */ 273static inline int strnlen_user(const char *str, long len) 274{ 275 unsigned long top = __kernel_ok? ~0UL: TASK_SIZE - 1; 276 277 if ((unsigned long)str > top) 278 return 0; 279 return __strnlen_user(str, len, top); 280} 281 282#define strlen_user(str) strnlen_user((str), 0x7ffffffe) 283 284#endif /* __ASSEMBLY__ */ 285 286#endif /* _PPC64_UACCESS_H */ 287