[linux-block.git] / include / asm-generic / uaccess.h

#ifndef __ASM_GENERIC_UACCESS_H
#define __ASM_GENERIC_UACCESS_H

/*
 * User space memory access functions, these should work
 * on any machine that has kernel and user data in the same
 * address space, e.g. all NOMMU machines.
 */
#include <linux/string.h>

#include <asm/segment.h>

#define MAKE_MM_SEG(s)	((mm_segment_t) { (s) })

#ifndef KERNEL_DS
#define KERNEL_DS	MAKE_MM_SEG(~0UL)
#endif

#ifndef USER_DS
#define USER_DS		MAKE_MM_SEG(TASK_SIZE - 1)
#endif

#ifndef get_fs
#define get_ds()	(KERNEL_DS)
#define get_fs()	(current_thread_info()->addr_limit)

static inline void set_fs(mm_segment_t fs)
{
	current_thread_info()->addr_limit = fs;
}
#endif

#ifndef segment_eq
#define segment_eq(a, b) ((a).seg == (b).seg)
#endif

#define access_ok(type, addr, size) __access_ok((unsigned long)(addr),(size))

/*
 * The architecture should really override this if possible, at least
 * doing a check on the get_fs()
 */
#ifndef __access_ok
static inline int __access_ok(unsigned long addr, unsigned long size)
{
	return 1;
}
#endif

/*
 * The exception table consists of pairs of addresses: the first is the
 * address of an instruction that is allowed to fault, and the second is
 * the address at which the program should continue.  No registers are
 * modified, so it is entirely up to the continuation code to figure out
 * what to do.
 *
 * All the routines below use bits of fixup code that are out of line
 * with the main instruction path.  This means when everything is well,
 * we don't even have to jump over them.  Further, they do not intrude
 * on our cache or tlb entries.
 */

struct exception_table_entry
{
	unsigned long insn, fixup;
};

/*
 * architectures with an MMU should override these two
 */
#ifndef __copy_from_user
static inline __must_check long __copy_from_user(void *to,
		const void __user * from, unsigned long n)
{
	if (__builtin_constant_p(n)) {
		switch(n) {
		case 1:
			*(u8 *)to = *(u8 __force *)from;
			return 0;
		case 2:
			*(u16 *)to = *(u16 __force *)from;
			return 0;
		case 4:
			*(u32 *)to = *(u32 __force *)from;
			return 0;
#ifdef CONFIG_64BIT
		case 8:
			*(u64 *)to = *(u64 __force *)from;
			return 0;
#endif
		default:
			break;
		}
	}

	memcpy(to, (const void __force *)from, n);
	return 0;
}
#endif

#ifndef __copy_to_user
static inline __must_check long __copy_to_user(void __user *to,
		const void *from, unsigned long n)
{
	if (__builtin_constant_p(n)) {
		switch(n) {
		case 1:
			*(u8 __force *)to = *(u8 *)from;
			return 0;
		case 2:
			*(u16 __force *)to = *(u16 *)from;
			return 0;
		case 4:
			*(u32 __force *)to = *(u32 *)from;
			return 0;
#ifdef CONFIG_64BIT
		case 8:
			*(u64 __force *)to = *(u64 *)from;
			return 0;
#endif
		default:
			break;
		}
	}

	memcpy((void __force *)to, from, n);
	return 0;
}
#endif

/*
 * These are the main single-value transfer routines.  They automatically
 * use the right size if we just have the right pointer type.
 * This version just falls back to copy_{from,to}_user, which should
 * provide a fast-path for small values.
 */
#define __put_user(x, ptr) \
({								\
	__typeof__(*(ptr)) __x = (x);				\
	int __pu_err = -EFAULT;					\
        __chk_user_ptr(ptr);                                    \
	switch (sizeof (*(ptr))) {				\
	case 1:							\
	case 2:							\
	case 4:							\
	case 8:							\
		__pu_err = __put_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		break;						\
	default:						\
		__put_user_bad();				\
		break;						\
	 }							\
	__pu_err;						\
})

#define put_user(x, ptr)					\
({								\
	void *__p = (ptr);					\
	might_fault();						\
	access_ok(VERIFY_WRITE, __p, sizeof(*ptr)) ?		\
		__put_user((x), ((__typeof__(*(ptr)) *)__p)) :	\
		-EFAULT;					\
})

#ifndef __put_user_fn

static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
{
	size = __copy_to_user(ptr, x, size);
	return size ? -EFAULT : size;
}

#define __put_user_fn(sz, u, k)	__put_user_fn(sz, u, k)

#endif

extern int __put_user_bad(void) __attribute__((noreturn));

#define __get_user(x, ptr)					\
({								\
	int __gu_err = -EFAULT;					\
	__chk_user_ptr(ptr);					\
	switch (sizeof(*(ptr))) {				\
	case 1: {						\
		unsigned char __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 2: {						\
		unsigned short __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 4: {						\
		unsigned int __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 8: {						\
		unsigned long long __x;				\
		__gu_err = __get_user_fn(sizeof (*(ptr)),	\
					 ptr, &__x);		\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	default:						\
		__get_user_bad();				\
		break;						\
	}							\
	__gu_err;						\
})

#define get_user(x, ptr)					\
({								\
	const void *__p = (ptr);				\
	might_fault();						\
	access_ok(VERIFY_READ, __p, sizeof(*ptr)) ?		\
		__get_user((x), (__typeof__(*(ptr)) *)__p) :	\
		((x) = (__typeof__(*(ptr)))0,-EFAULT);		\
})

#ifndef __get_user_fn
static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
{
	size_t n = __copy_from_user(x, ptr, size);
	if (unlikely(n)) {
		memset(x + (size - n), 0, n);
		return -EFAULT;
	}
	return 0;
}

#define __get_user_fn(sz, u, k)	__get_user_fn(sz, u, k)

#endif

extern int __get_user_bad(void) __attribute__((noreturn));

#ifndef __copy_from_user_inatomic
#define __copy_from_user_inatomic __copy_from_user
#endif

#ifndef __copy_to_user_inatomic
#define __copy_to_user_inatomic __copy_to_user
#endif

static inline long copy_from_user(void *to,
		const void __user * from, unsigned long n)
{
	unsigned long res = n;
	might_fault();
	if (likely(access_ok(VERIFY_READ, from, n)))
		res = __copy_from_user(to, from, n);
	if (unlikely(res))
		memset(to + (n - res), 0, res);
	return res;
}

static inline long copy_to_user(void __user *to,
		const void *from, unsigned long n)
{
	might_fault();
	if (access_ok(VERIFY_WRITE, to, n))
		return __copy_to_user(to, from, n);
	else
		return n;
}

/*
 * Copy a null terminated string from userspace.
 */
#ifndef __strncpy_from_user
static inline long
__strncpy_from_user(char *dst, const char __user *src, long count)
{
	char *tmp;
	strncpy(dst, (const char __force *)src, count);
	for (tmp = dst; *tmp && count > 0; tmp++, count--)
		;
	return (tmp - dst);
}
#endif

static inline long
strncpy_from_user(char *dst, const char __user *src, long count)
{
	if (!access_ok(VERIFY_READ, src, 1))
		return -EFAULT;
	return __strncpy_from_user(dst, src, count);
}

/*
 * Return the size of a string (including the ending 0)
 *
 * Return 0 on exception, a value greater than N if too long
 */
#ifndef __strnlen_user
#define __strnlen_user(s, n) (strnlen((s), (n)) + 1)
#endif

/*
 * Unlike strnlen, strnlen_user includes the nul terminator in
 * its returned count. Callers should check for a returned value
 * greater than N as an indication the string is too long.
 */
static inline long strnlen_user(const char __user *src, long n)
{
	if (!access_ok(VERIFY_READ, src, 1))
		return 0;
	return __strnlen_user(src, n);
}

static inline long strlen_user(const char __user *src)
{
	return strnlen_user(src, 32767);
}

/*
 * Zero Userspace
 */
#ifndef __clear_user
static inline __must_check unsigned long
__clear_user(void __user *to, unsigned long n)
{
	memset((void __force *)to, 0, n);
	return 0;
}
#endif

static inline __must_check unsigned long
clear_user(void __user *to, unsigned long n)
{
	might_fault();
	if (!access_ok(VERIFY_WRITE, to, n))
		return n;

	return __clear_user(to, n);
}

#endif /* __ASM_GENERIC_UACCESS_H */
Commit	Line	Data
eed417dd AB	1	#ifndef __ASM_GENERIC_UACCESS_H
	2	#define __ASM_GENERIC_UACCESS_H
	3
	4	/*
	5	* User space memory access functions, these should work
0a4a6647	6	* on any machine that has kernel and user data in the same
eed417dd AB	7	* address space, e.g. all NOMMU machines.
eed417dd AB	8	*/
eed417dd AB	9	#include <linux/string.h>
	10
	11	#include <asm/segment.h>
	12
	13	#define MAKE_MM_SEG(s) ((mm_segment_t) { (s) })
	14
	15	#ifndef KERNEL_DS
	16	#define KERNEL_DS MAKE_MM_SEG(~0UL)
	17	#endif
	18
	19	#ifndef USER_DS
	20	#define USER_DS MAKE_MM_SEG(TASK_SIZE - 1)
	21	#endif
	22
	23	#ifndef get_fs
	24	#define get_ds() (KERNEL_DS)
	25	#define get_fs() (current_thread_info()->addr_limit)
	26
	27	static inline void set_fs(mm_segment_t fs)
	28	{
	29	current_thread_info()->addr_limit = fs;
	30	}
	31	#endif
	32
10a6007b	33	#ifndef segment_eq
eed417dd	34	#define segment_eq(a, b) ((a).seg == (b).seg)
10a6007b	35	#endif
eed417dd	36
eed417dd AB	37	#define access_ok(type, addr, size) __access_ok((unsigned long)(addr),(size))
	38
	39	/*
	40	* The architecture should really override this if possible, at least
	41	* doing a check on the get_fs()
	42	*/
	43	#ifndef __access_ok
	44	static inline int __access_ok(unsigned long addr, unsigned long size)
	45	{
	46	return 1;
	47	}
	48	#endif
	49
	50	/*
	51	* The exception table consists of pairs of addresses: the first is the
	52	* address of an instruction that is allowed to fault, and the second is
	53	* the address at which the program should continue. No registers are
	54	* modified, so it is entirely up to the continuation code to figure out
	55	* what to do.
	56	*
	57	* All the routines below use bits of fixup code that are out of line
	58	* with the main instruction path. This means when everything is well,
	59	* we don't even have to jump over them. Further, they do not intrude
	60	* on our cache or tlb entries.
	61	*/
	62
	63	struct exception_table_entry
	64	{
	65	unsigned long insn, fixup;
	66	};
	67
eed417dd AB	68	/*
	69	* architectures with an MMU should override these two
	70	*/
	71	#ifndef __copy_from_user
	72	static inline __must_check long __copy_from_user(void *to,
	73	const void __user * from, unsigned long n)
	74	{
	75	if (__builtin_constant_p(n)) {
	76	switch(n) {
	77	case 1:
	78	(u8 )to = (u8 __force )from;
	79	return 0;
	80	case 2:
	81	(u16 )to = (u16 __force )from;
	82	return 0;
	83	case 4:
	84	(u32 )to = (u32 __force )from;
	85	return 0;
	86	#ifdef CONFIG_64BIT
	87	case 8:
	88	(u64 )to = (u64 __force )from;
	89	return 0;
	90	#endif
	91	default:
	92	break;
	93	}
	94	}
	95
	96	memcpy(to, (const void __force *)from, n);
	97	return 0;
	98	}
	99	#endif
	100
	101	#ifndef __copy_to_user
	102	static inline __must_check long __copy_to_user(void __user *to,
	103	const void *from, unsigned long n)
	104	{
	105	if (__builtin_constant_p(n)) {
	106	switch(n) {
	107	case 1:
	108	(u8 __force )to = (u8 )from;
	109	return 0;
	110	case 2:
	111	(u16 __force )to = (u16 )from;
	112	return 0;
	113	case 4:
	114	(u32 __force )to = (u32 )from;
	115	return 0;
	116	#ifdef CONFIG_64BIT
	117	case 8:
	118	(u64 __force )to = (u64 )from;
	119	return 0;
	120	#endif
	121	default:
	122	break;
	123	}
	124	}
	125
	126	memcpy((void __force *)to, from, n);
	127	return 0;
	128	}
	129	#endif
	130
	131	/*
132	* These are the main single-value transfer routines. They automatically
133	* use the right size if we just have the right pointer type.
134	* This version just falls back to copy_{from,to}_user, which should
135	* provide a fast-path for small values.
136	*/
137	#define __put_user(x, ptr) \
138	({ \
139	__typeof__(*(ptr)) __x = (x); \
140	int __pu_err = -EFAULT; \
141	__chk_user_ptr(ptr); \
142	switch (sizeof (*(ptr))) { \
143	case 1: \
144	case 2: \
145	case 4: \
146	case 8: \
147	__pu_err = __put_user_fn(sizeof (*(ptr)), \
148	ptr, &__x); \
149	break; \
150	default: \
151	__put_user_bad(); \
152	break; \
153	} \
154	__pu_err; \
155	})
156
157	#define put_user(x, ptr) \
158	({ \
a02613a4	159	void *__p = (ptr); \
e0acd0bd	160	might_fault(); \
a02613a4 YS	161	access_ok(VERIFY_WRITE, __p, sizeof(*ptr)) ? \
a02613a4 YS	162	__put_user((x), ((__typeof__((ptr)) )__p)) : \
eed417dd AB	163	-EFAULT; \
	164	})
	165
05d88a49 VG	166	#ifndef __put_user_fn
05d88a49 VG	167
eed417dd AB	168	static inline int __put_user_fn(size_t size, void __user ptr, void x)
	169	{
	170	size = __copy_to_user(ptr, x, size);
	171	return size ? -EFAULT : size;
	172	}
	173
05d88a49 VG	174	#define __put_user_fn(sz, u, k) __put_user_fn(sz, u, k)
	175
	176	#endif
	177
eed417dd AB	178	extern int __put_user_bad(void) __attribute__((noreturn));
	179
	180	#define __get_user(x, ptr) \
	181	({ \
	182	int __gu_err = -EFAULT; \
	183	__chk_user_ptr(ptr); \
	184	switch (sizeof(*(ptr))) { \
	185	case 1: { \
	186	unsigned char __x; \
	187	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	188	ptr, &__x); \
	189	(x) = (__force __typeof__((ptr)) *) &__x; \
	190	break; \
	191	}; \
	192	case 2: { \
	193	unsigned short __x; \
	194	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	195	ptr, &__x); \
	196	(x) = (__force __typeof__((ptr)) *) &__x; \
	197	break; \
	198	}; \
	199	case 4: { \
	200	unsigned int __x; \
	201	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	202	ptr, &__x); \
	203	(x) = (__force __typeof__((ptr)) *) &__x; \
	204	break; \
	205	}; \
	206	case 8: { \
	207	unsigned long long __x; \
	208	__gu_err = __get_user_fn(sizeof (*(ptr)), \
	209	ptr, &__x); \
	210	(x) = (__force __typeof__((ptr)) *) &__x; \
	211	break; \
	212	}; \
	213	default: \
	214	__get_user_bad(); \
	215	break; \
	216	} \
	217	__gu_err; \
	218	})
	219
	220	#define get_user(x, ptr) \
	221	({ \
a02613a4	222	const void *__p = (ptr); \
e0acd0bd	223	might_fault(); \
a02613a4 YS	224	access_ok(VERIFY_READ, __p, sizeof(*ptr)) ? \
a02613a4 YS	225	__get_user((x), (__typeof__((ptr)) )__p) : \
9ad18b75	226	((x) = (__typeof__(*(ptr)))0,-EFAULT); \
eed417dd AB	227	})
eed417dd AB	228
05d88a49	229	#ifndef __get_user_fn
eed417dd AB	230	static inline int __get_user_fn(size_t size, const void __user ptr, void x)
eed417dd AB	231	{
9ad18b75 AV	232	size_t n = __copy_from_user(x, ptr, size);
	233	if (unlikely(n)) {
	234	memset(x + (size - n), 0, n);
	235	return -EFAULT;
	236	}
	237	return 0;
eed417dd AB	238	}
eed417dd AB	239
05d88a49 VG	240	#define __get_user_fn(sz, u, k) __get_user_fn(sz, u, k)
	241
	242	#endif
	243
eed417dd AB	244	extern int __get_user_bad(void) __attribute__((noreturn));
	245
	246	#ifndef __copy_from_user_inatomic
	247	#define __copy_from_user_inatomic __copy_from_user
	248	#endif
	249
	250	#ifndef __copy_to_user_inatomic
	251	#define __copy_to_user_inatomic __copy_to_user
	252	#endif
	253
	254	static inline long copy_from_user(void *to,
	255	const void __user * from, unsigned long n)
	256	{
2545e5da	257	unsigned long res = n;
e0acd0bd	258	might_fault();
2545e5da AV	259	if (likely(access_ok(VERIFY_READ, from, n)))
	260	res = __copy_from_user(to, from, n);
	261	if (unlikely(res))
	262	memset(to + (n - res), 0, res);
	263	return res;
eed417dd AB	264	}
	265
	266	static inline long copy_to_user(void __user *to,
	267	const void *from, unsigned long n)
	268	{
e0acd0bd	269	might_fault();
a9ede5b3	270	if (access_ok(VERIFY_WRITE, to, n))
eed417dd AB	271	return __copy_to_user(to, from, n);
	272	else
	273	return n;
	274	}
	275
	276	/*
	277	* Copy a null terminated string from userspace.
	278	*/
	279	#ifndef __strncpy_from_user
	280	static inline long
	281	__strncpy_from_user(char dst, const char __user src, long count)
	282	{
	283	char *tmp;
	284	strncpy(dst, (const char __force *)src, count);
	285	for (tmp = dst; *tmp && count > 0; tmp++, count--)
	286	;
	287	return (tmp - dst);
	288	}
	289	#endif
	290
	291	static inline long
	292	strncpy_from_user(char dst, const char __user src, long count)
	293	{
a9ede5b3	294	if (!access_ok(VERIFY_READ, src, 1))
eed417dd AB	295	return -EFAULT;
	296	return __strncpy_from_user(dst, src, count);
	297	}
	298
	299	/*
	300	* Return the size of a string (including the ending 0)
	301	*
	302	* Return 0 on exception, a value greater than N if too long
	303	*/
7f509a9e	304	#ifndef __strnlen_user
830f5800	305	#define __strnlen_user(s, n) (strnlen((s), (n)) + 1)
7f509a9e G	306	#endif
7f509a9e G	307
830f5800 MS	308	/*
	309	* Unlike strnlen, strnlen_user includes the nul terminator in
	310	* its returned count. Callers should check for a returned value
	311	* greater than N as an indication the string is too long.
	312	*/
eed417dd AB	313	static inline long strnlen_user(const char __user *src, long n)
eed417dd AB	314	{
9844813f MF	315	if (!access_ok(VERIFY_READ, src, 1))
9844813f MF	316	return 0;
7f509a9e	317	return __strnlen_user(src, n);
eed417dd	318	}
eed417dd AB	319
	320	static inline long strlen_user(const char __user *src)
	321	{
	322	return strnlen_user(src, 32767);
	323	}
	324
	325	/*
	326	* Zero Userspace
	327	*/
	328	#ifndef __clear_user
	329	static inline __must_check unsigned long
	330	__clear_user(void __user *to, unsigned long n)
	331	{
	332	memset((void __force *)to, 0, n);
	333	return 0;
	334	}
	335	#endif
	336
	337	static inline __must_check unsigned long
	338	clear_user(void __user *to, unsigned long n)
	339	{
e0acd0bd	340	might_fault();
a9ede5b3	341	if (!access_ok(VERIFY_WRITE, to, n))
eed417dd AB	342	return n;
	343
	344	return __clear_user(to, n);
	345	}
	346
	347	#endif /* __ASM_GENERIC_UACCESS_H */