1/*
2 * arch/ubicom32/include/asm/uaccess.h
3 *   User space memory access functions for Ubicom32 architecture.
4 *
5 * (C) Copyright 2009, Ubicom, Inc.
6 *
7 * This file is part of the Ubicom32 Linux Kernel Port.
8 *
9 * The Ubicom32 Linux Kernel Port is free software: you can redistribute
10 * it and/or modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation, either version 2 of the
12 * License, or (at your option) any later version.
13 *
14 * The Ubicom32 Linux Kernel Port is distributed in the hope that it
15 * will be useful, but WITHOUT ANY WARRANTY; without even the implied
16 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
17 * the GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with the Ubicom32 Linux Kernel Port.  If not,
21 * see <http://www.gnu.org/licenses/>.
22 *
23 * Ubicom32 implementation derived from (with many thanks):
24 *   arch/m68knommu
25 *   arch/blackfin
26 *   arch/parisc
27 *   arch/alpha
28 */
29#ifndef _ASM_UBICOM32_UACCESS_H
30#define _ASM_UBICOM32_UACCESS_H
31
32/*
33 * User space memory access functions
34 */
35#include <linux/sched.h>
36#include <linux/mm.h>
37#include <linux/string.h>
38
39#include <asm/segment.h>
40
41#define VERIFY_READ	0
42#define VERIFY_WRITE	1
43
44/*
45 * The exception table consists of pairs of addresses: the first is the
46 * address of an instruction that is allowed to fault, and the second is
47 * the address at which the program should continue.  No registers are
48 * modified, so it is entirely up to the continuation code to figure out
49 * what to do.
50 *
51 * All the routines below use bits of fixup code that are out of line
52 * with the main instruction path.  This means when everything is well,
53 * we don't even have to jump over them.  Further, they do not intrude
54 * on our cache or tlb entries.
55 */
56struct exception_table_entry
57{
58	unsigned long insn, fixup;
59};
60
61/*
62 * Ubicom32 does not currently support the exception table handling.
63 */
64extern unsigned long search_exception_table(unsigned long);
65
66
67#if defined(CONFIG_ACCESS_OK_CHECKS_ENABLED)
68extern int __access_ok(unsigned long addr, unsigned long size);
69#else
70static inline int __access_ok(unsigned long addr, unsigned long size)
71{
72	return 1;
73}
74#endif
75#define access_ok(type, addr, size) \
76	likely(__access_ok((unsigned long)(addr), (size)))
77
78/*
79 * The following functions do not exist.  They keep callers
80 * of put_user and get_user from passing unsupported argument
81 * types.  They result in a link time error.
82 */
83extern int __put_user_bad(void);
84extern int __get_user_bad(void);
85
86/*
87 * __put_user_no_check()
88 *	Put the requested data into the user space verifying the address
89 *
90 * Careful to not
91 * (a) re-use the arguments for side effects (sizeof/typeof is ok)
92 * (b) require any knowledge of processes at this stage
93 */
94#define __put_user_no_check(x, ptr, size)		\
95({							\
96	int __pu_err = 0;				\
97	__typeof__(*(ptr)) __user *__pu_addr = (ptr);	\
98	switch (size) {					\
99	case 1:						\
100	case 2:						\
101	case 4:						\
102	case 8:						\
103		*__pu_addr = (__typeof__(*(ptr)))x;	\
104		break;					\
105	default:					\
106		__pu_err = __put_user_bad();		\
107		break;					\
108	}						\
109	__pu_err;					\
110})
111
112/*
113 * __put_user_check()
114 *	Put the requested data into the user space verifying the address
115 *
116 * Careful to not
117 * (a) re-use the arguments for side effects (sizeof/typeof is ok)
118 * (b) require any knowledge of processes at this stage
119 *
120 * If requested, access_ok() will verify that ptr is a valid user
121 * pointer.
122 */
123#define __put_user_check(x, ptr, size)				\
124({								\
125	int __pu_err = -EFAULT;					\
126	__typeof__(*(ptr)) __user *__pu_addr = (ptr);		\
127	if (access_ok(VERIFY_WRITE, __pu_addr, size)) {		\
128		__pu_err = 0;					\
129		switch (size) {					\
130		case 1:						\
131		case 2:						\
132		case 4:						\
133		case 8:						\
134			*__pu_addr = (__typeof__(*(ptr)))x;	\
135			break;					\
136		default:					\
137			__pu_err = __put_user_bad();		\
138			break;					\
139		}						\
140	}							\
141	__pu_err;						\
142})
143
144/*
145 * __get_user_no_check()
146 *	Read the value at ptr into x.
147 *
148 * If requested, access_ok() will verify that ptr is a valid user
149 * pointer.  If the caller passes a modifying argument for ptr (e.g. x++)
150 * this macro will not work.
151 */
152#define __get_user_no_check(x, ptr, size)			\
153({								\
154	int __gu_err = 0;					\
155	__typeof__((x)) __gu_val = 0;				\
156	const __typeof__(*(ptr)) __user *__gu_addr = (ptr);	\
157	switch (size) {						\
158	case 1:							\
159	case 2:							\
160	case 4:							\
161	case 8:							\
162		__gu_val = (__typeof__((x)))*(__gu_addr);	\
163		break;						\
164	default:						\
165		__gu_err = __get_user_bad();			\
166		(x) = 0;					\
167		break;						\
168	}							\
169	(x) = __gu_val;						\
170	__gu_err;						\
171})
172
173/*
174 * __get_user_check()
175 *	Read the value at ptr into x.
176 *
177 * If requested, access_ok() will verify that ptr is a valid user
178 * pointer.
179 */
180#define __get_user_check(x, ptr, size)					\
181({									\
182	int __gu_err = -EFAULT;						\
183	__typeof__(x) __gu_val = 0;					\
184	const __typeof__(*(ptr)) __user *__gu_addr = (ptr);		\
185	if (access_ok(VERIFY_READ, __gu_addr, size)) {			\
186		__gu_err = 0;						\
187		switch (size) {						\
188		case 1:							\
189		case 2:							\
190		case 4:							\
191		case 8:							\
192			__gu_val = (__typeof__((x)))*(__gu_addr);	\
193			break;						\
194		default:						\
195			__gu_err = __get_user_bad();			\
196			(x) = 0;					\
197			break;						\
198		}							\
199	}								\
200	(x) = __gu_val;							\
201	__gu_err;							\
202})
203
204/*
205 * The "xxx" versions are allowed to perform some amount of address
206 * space checking.  See access_ok().
207 */
208#define put_user(x,ptr) \
209	__put_user_check((__typeof__(*(ptr)))(x),(ptr), sizeof(*(ptr)))
210#define get_user(x,ptr) \
211	__get_user_check((x), (ptr), sizeof(*(ptr)))
212
213/*
214 * The "__xxx" versions do not do address space checking, useful when
215 * doing multiple accesses to the same area (the programmer has to do the
216 * checks by hand with "access_ok()")
217 */
218#define __put_user(x,ptr) \
219	__put_user_no_check((__typeof__(*(ptr)))(x),(ptr), sizeof(*(ptr)))
220#define __get_user(x,ptr) \
221	__get_user_no_check((x), (ptr), sizeof(*(ptr)))
222
223/*
224 * __copy_tofrom_user_no_check()
225 *	Copy the data either to or from user space.
226 *
227 * Return the number of bytes NOT copied.
228 */
229static inline unsigned long
230__copy_tofrom_user_no_check(void *to, const void *from, unsigned long n)
231{
232	memcpy(to, from, n);
233	return 0;
234}
235
236/*
237 * copy_to_user()
238 * 	Copy the kernel data to user space.
239 *
240 * Return the number of bytes that were copied.
241 */
242static inline unsigned long
243copy_to_user(void __user *to, const void *from, unsigned long n)
244{
245	if (!access_ok(VERIFY_WRITE, to, n)) {
246		return n;
247	}
248	return __copy_tofrom_user_no_check((__force void *)to, from, n);
249}
250
251/*
252 * copy_from_user()
253 * 	Copy the user data to kernel space.
254 *
255 * Return the number of bytes that were copied.  On error, we zero
256 * out the destination.
257 */
258static inline unsigned long
259copy_from_user(void *to, const void __user *from, unsigned long n)
260{
261	if (!access_ok(VERIFY_READ, from, n)) {
262		return n;
263	}
264	return __copy_tofrom_user_no_check(to, (__force void *)from, n);
265}
266
267#define __copy_to_user(to, from, n) \
268	__copy_tofrom_user_no_check((__force void *)to, from, n)
269#define __copy_from_user(to, from, n) \
270	__copy_tofrom_user_no_check(to, (__force void *)from, n)
271#define __copy_to_user_inatomic(to, from, n) \
272	__copy_tofrom_user_no_check((__force void *)to, from, n)
273#define __copy_from_user_inatomic(to, from, n) \
274	__copy_tofrom_user_no_check(to, (__force void *)from, n)
275
276#define copy_to_user_ret(to, from, n, retval) \
277	({ if (copy_to_user(to, from, n)) return retval; })
278
279#define copy_from_user_ret(to, from, n, retval) \
280	({ if (copy_from_user(to, from, n)) return retval; })
281
282/*
283 * strncpy_from_user()
284 *	Copy a null terminated string from userspace.
285 *
286 * dst - Destination in kernel space.  The buffer must be at least count.
287 * src - Address of string in user space.
288 * count - Maximum number of bytes to copy (including the trailing NULL).
289 *
290 * Returns the length of the string (not including the trailing NULL.  If
291 * count is smaller than the length of the string, we copy count bytes
292 * and return count.
293 *
294 */
295static inline long strncpy_from_user(char *dst, const __user char *src, long count)
296{
297	char *tmp;
298	if (!access_ok(VERIFY_READ, src, 1)) {
299		return -EFAULT;
300	}
301
302	strncpy(dst, src, count);
303	for (tmp = dst; *tmp && count > 0; tmp++, count--) {
304		;
305	}
306	return(tmp - dst);
307}
308
309/*
310 * strnlen_user()
311 *	Return the size of a string (including the ending 0)
312 *
313 * Return -EFAULT on exception, a value greater than <n> if too long
314 */
315static inline long strnlen_user(const __user char *src, long n)
316{
317	if (!access_ok(VERIFY_READ, src, 1)) {
318		return -EFAULT;
319	}
320	return(strlen(src) + 1);
321}
322
323#define strlen_user(str) strnlen_user(str, 32767)
324
325/*
326 * __clear_user()
327 *	Zero Userspace
328 */
329static inline unsigned long __clear_user(__user void *to, unsigned long n)
330{
331	memset(to, 0, n);
332	return 0;
333}
334
335/*
336 * clear_user()
337 *	Zero user space (check for valid addresses)
338 */
339static inline unsigned long clear_user(__user void *to, unsigned long n)
340{
341	if (!access_ok(VERIFY_WRITE, to, n)) {
342		return -EFAULT;
343	}
344	return __clear_user(to, n);
345}
346
347#endif /* _ASM_UBICOM32_UACCESS_H */
348