[mirror_ubuntu-focal-kernel.git] / arch / s390 / include / asm / uaccess.h

/*
 *  S390 version
 *    Copyright IBM Corp. 1999, 2000
 *    Author(s): Hartmut Penner (hp@de.ibm.com),
 *               Martin Schwidefsky (schwidefsky@de.ibm.com)
 *
 *  Derived from "include/asm-i386/uaccess.h"
 */
#ifndef __S390_UACCESS_H
#define __S390_UACCESS_H

/*
 * User space memory access functions
 */
#include <linux/sched.h>
#include <linux/errno.h>
#include <asm/ctl_reg.h>

#define VERIFY_READ     0
#define VERIFY_WRITE    1


/*
 * The fs value determines whether argument validity checking should be
 * performed or not.  If get_fs() == USER_DS, checking is performed, with
 * get_fs() == KERNEL_DS, checking is bypassed.
 *
 * For historical reasons, these macros are grossly misnamed.
 */

#define MAKE_MM_SEG(a)  ((mm_segment_t) { (a) })


#define KERNEL_DS       MAKE_MM_SEG(0)
#define USER_DS         MAKE_MM_SEG(1)

#define get_ds()        (KERNEL_DS)
#define get_fs()        (current->thread.mm_segment)

#define set_fs(x) \
({									\
	unsigned long __pto;						\
	current->thread.mm_segment = (x);				\
	__pto = current->thread.mm_segment.ar4 ?			\
		S390_lowcore.user_asce : S390_lowcore.kernel_asce;	\
	__ctl_load(__pto, 7, 7);					\
})

#define segment_eq(a,b) ((a).ar4 == (b).ar4)

static inline int __range_ok(unsigned long addr, unsigned long size)
{
	return 1;
}

#define __access_ok(addr, size)				\
({							\
	__chk_user_ptr(addr);				\
	__range_ok((unsigned long)(addr), (size));	\
})

#define access_ok(type, addr, size) __access_ok(addr, size)

/*
 * The exception table consists of pairs of addresses: the first is the
 * address of an instruction that is allowed to fault, and the second is
 * the address at which the program should continue.  No registers are
 * modified, so it is entirely up to the continuation code to figure out
 * what to do.
 *
 * All the routines below use bits of fixup code that are out of line
 * with the main instruction path.  This means when everything is well,
 * we don't even have to jump over them.  Further, they do not intrude
 * on our cache or tlb entries.
 */

struct exception_table_entry
{
	int insn, fixup;
};

static inline unsigned long extable_insn(const struct exception_table_entry *x)
{
	return (unsigned long)&x->insn + x->insn;
}

static inline unsigned long extable_fixup(const struct exception_table_entry *x)
{
	return (unsigned long)&x->fixup + x->fixup;
}

#define ARCH_HAS_SORT_EXTABLE
#define ARCH_HAS_SEARCH_EXTABLE

/**
 * __copy_from_user: - Copy a block of data from user space, with less checking.
 * @to:   Destination address, in kernel space.
 * @from: Source address, in user space.
 * @n:	  Number of bytes to copy.
 *
 * Context: User context only.	This function may sleep.
 *
 * Copy data from user space to kernel space.  Caller must check
 * the specified block with access_ok() before calling this function.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 *
 * If some data could not be copied, this function will pad the copied
 * data to the requested size using zero bytes.
 */
unsigned long __must_check __copy_from_user(void *to, const void __user *from,
					    unsigned long n);

/**
 * __copy_to_user: - Copy a block of data into user space, with less checking.
 * @to:   Destination address, in user space.
 * @from: Source address, in kernel space.
 * @n:	  Number of bytes to copy.
 *
 * Context: User context only.	This function may sleep.
 *
 * Copy data from kernel space to user space.  Caller must check
 * the specified block with access_ok() before calling this function.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 */
unsigned long __must_check __copy_to_user(void __user *to, const void *from,
					  unsigned long n);

#define __copy_to_user_inatomic __copy_to_user
#define __copy_from_user_inatomic __copy_from_user

static inline int __put_user_fn(void *x, void __user *ptr, unsigned long size)
{
	size = __copy_to_user(ptr, x, size);
	return size ? -EFAULT : 0;
}

static inline int __get_user_fn(void *x, const void __user *ptr, unsigned long size)
{
	size = __copy_from_user(x, ptr, size);
	return size ? -EFAULT : 0;
}

/*
 * These are the main single-value transfer routines.  They automatically
 * use the right size if we just have the right pointer type.
 */
#define __put_user(x, ptr) \
({								\
	__typeof__(*(ptr)) __x = (x);				\
	int __pu_err = -EFAULT;					\
        __chk_user_ptr(ptr);                                    \
	switch (sizeof (*(ptr))) {				\
	case 1:							\
	case 2:							\
	case 4:							\
	case 8:							\
		__pu_err = __put_user_fn(&__x, ptr,		\
					 sizeof(*(ptr)));	\
		break;						\
	default:						\
		__put_user_bad();				\
		break;						\
	 }							\
	__pu_err;						\
})

#define put_user(x, ptr)					\
({								\
	might_fault();						\
	__put_user(x, ptr);					\
})


int __put_user_bad(void) __attribute__((noreturn));

#define __get_user(x, ptr)					\
({								\
	int __gu_err = -EFAULT;					\
	__chk_user_ptr(ptr);					\
	switch (sizeof(*(ptr))) {				\
	case 1: {						\
		unsigned char __x;				\
		__gu_err = __get_user_fn(&__x, ptr,		\
					 sizeof(*(ptr)));	\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 2: {						\
		unsigned short __x;				\
		__gu_err = __get_user_fn(&__x, ptr,		\
					 sizeof(*(ptr)));	\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 4: {						\
		unsigned int __x;				\
		__gu_err = __get_user_fn(&__x, ptr,		\
					 sizeof(*(ptr)));	\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	case 8: {						\
		unsigned long long __x;				\
		__gu_err = __get_user_fn(&__x, ptr,		\
					 sizeof(*(ptr)));	\
		(x) = *(__force __typeof__(*(ptr)) *) &__x;	\
		break;						\
	};							\
	default:						\
		__get_user_bad();				\
		break;						\
	}							\
	__gu_err;						\
})

#define get_user(x, ptr)					\
({								\
	might_fault();						\
	__get_user(x, ptr);					\
})

int __get_user_bad(void) __attribute__((noreturn));

#define __put_user_unaligned __put_user
#define __get_user_unaligned __get_user

/**
 * copy_to_user: - Copy a block of data into user space.
 * @to:   Destination address, in user space.
 * @from: Source address, in kernel space.
 * @n:    Number of bytes to copy.
 *
 * Context: User context only.  This function may sleep.
 *
 * Copy data from kernel space to user space.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 */
static inline unsigned long __must_check
copy_to_user(void __user *to, const void *from, unsigned long n)
{
	might_fault();
	return __copy_to_user(to, from, n);
}

void copy_from_user_overflow(void)
#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
__compiletime_warning("copy_from_user() buffer size is not provably correct")
#endif
;

/**
 * copy_from_user: - Copy a block of data from user space.
 * @to:   Destination address, in kernel space.
 * @from: Source address, in user space.
 * @n:    Number of bytes to copy.
 *
 * Context: User context only.  This function may sleep.
 *
 * Copy data from user space to kernel space.
 *
 * Returns number of bytes that could not be copied.
 * On success, this will be zero.
 *
 * If some data could not be copied, this function will pad the copied
 * data to the requested size using zero bytes.
 */
static inline unsigned long __must_check
copy_from_user(void *to, const void __user *from, unsigned long n)
{
	unsigned int sz = __compiletime_object_size(to);

	might_fault();
	if (unlikely(sz != -1 && sz < n)) {
		copy_from_user_overflow();
		return n;
	}
	return __copy_from_user(to, from, n);
}

unsigned long __must_check
__copy_in_user(void __user *to, const void __user *from, unsigned long n);

static inline unsigned long __must_check
copy_in_user(void __user *to, const void __user *from, unsigned long n)
{
	might_fault();
	return __copy_in_user(to, from, n);
}

/*
 * Copy a null terminated string from userspace.
 */

long __strncpy_from_user(char *dst, const char __user *src, long count);

static inline long __must_check
strncpy_from_user(char *dst, const char __user *src, long count)
{
	might_fault();
	return __strncpy_from_user(dst, src, count);
}

unsigned long __must_check __strnlen_user(const char __user *src, unsigned long count);

static inline unsigned long strnlen_user(const char __user *src, unsigned long n)
{
	might_fault();
	return __strnlen_user(src, n);
}

/**
 * strlen_user: - Get the size of a string in user space.
 * @str: The string to measure.
 *
 * Context: User context only.  This function may sleep.
 *
 * Get the size of a NUL-terminated string in user space.
 *
 * Returns the size of the string INCLUDING the terminating NUL.
 * On exception, returns 0.
 *
 * If there is a limit on the length of a valid string, you may wish to
 * consider using strnlen_user() instead.
 */
#define strlen_user(str) strnlen_user(str, ~0UL)

/*
 * Zero Userspace
 */
unsigned long __must_check __clear_user(void __user *to, unsigned long size);

static inline unsigned long __must_check clear_user(void __user *to, unsigned long n)
{
	might_fault();
	return __clear_user(to, n);
}

int copy_to_user_real(void __user *dest, void *src, unsigned long count);

#endif /* __S390_UACCESS_H */
Commit	Line	Data
1da177e4	1	/*
1da177e4	2	* S390 version
a53c8fab	3	* Copyright IBM Corp. 1999, 2000
1da177e4 LT	4	* Author(s): Hartmut Penner (hp@de.ibm.com),
	5	* Martin Schwidefsky (schwidefsky@de.ibm.com)
	6	*
	7	* Derived from "include/asm-i386/uaccess.h"
	8	*/
	9	#ifndef __S390_UACCESS_H
	10	#define __S390_UACCESS_H
	11
	12	/*
	13	* User space memory access functions
	14	*/
	15	#include <linux/sched.h>
	16	#include <linux/errno.h>
a0616cde	17	#include <asm/ctl_reg.h>
1da177e4 LT	18
	19	#define VERIFY_READ 0
	20	#define VERIFY_WRITE 1
	21
	22
	23	/*
	24	* The fs value determines whether argument validity checking should be
	25	* performed or not. If get_fs() == USER_DS, checking is performed, with
	26	* get_fs() == KERNEL_DS, checking is bypassed.
	27	*
	28	* For historical reasons, these macros are grossly misnamed.
	29	*/
	30
	31	#define MAKE_MM_SEG(a) ((mm_segment_t) { (a) })
	32
	33
	34	#define KERNEL_DS MAKE_MM_SEG(0)
	35	#define USER_DS MAKE_MM_SEG(1)
	36
	37	#define get_ds() (KERNEL_DS)
	38	#define get_fs() (current->thread.mm_segment)
	39
1da177e4 LT	40	#define set_fs(x) \
	41	({ \
	42	unsigned long __pto; \
	43	current->thread.mm_segment = (x); \
	44	__pto = current->thread.mm_segment.ar4 ? \
	45	S390_lowcore.user_asce : S390_lowcore.kernel_asce; \
94c12cc7	46	__ctl_load(__pto, 7, 7); \
1da177e4	47	})
1da177e4 LT	48
	49	#define segment_eq(a,b) ((a).ar4 == (b).ar4)
	50
491af990 HC	51	static inline int __range_ok(unsigned long addr, unsigned long size)
	52	{
	53	return 1;
	54	}
	55
	56	#define __access_ok(addr, size) \
	57	({ \
	58	__chk_user_ptr(addr); \
	59	__range_ok((unsigned long)(addr), (size)); \
7683f744	60	})
1da177e4	61
7683f744	62	#define access_ok(type, addr, size) __access_ok(addr, size)
1da177e4	63
1da177e4 LT	64	/*
	65	* The exception table consists of pairs of addresses: the first is the
	66	* address of an instruction that is allowed to fault, and the second is
	67	* the address at which the program should continue. No registers are
	68	* modified, so it is entirely up to the continuation code to figure out
	69	* what to do.
	70	*
	71	* All the routines below use bits of fixup code that are out of line
	72	* with the main instruction path. This means when everything is well,
	73	* we don't even have to jump over them. Further, they do not intrude
	74	* on our cache or tlb entries.
	75	*/
	76
	77	struct exception_table_entry
	78	{
eb608fb3	79	int insn, fixup;
1da177e4 LT	80	};
1da177e4 LT	81
eb608fb3 HC	82	static inline unsigned long extable_insn(const struct exception_table_entry *x)
	83	{
	84	return (unsigned long)&x->insn + x->insn;
	85	}
	86
	87	static inline unsigned long extable_fixup(const struct exception_table_entry *x)
	88	{
	89	return (unsigned long)&x->fixup + x->fixup;
	90	}
	91
	92	#define ARCH_HAS_SORT_EXTABLE
	93	#define ARCH_HAS_SEARCH_EXTABLE
	94
4f41c2b4 HC	95	/**
	96	* __copy_from_user: - Copy a block of data from user space, with less checking.
	97	* @to: Destination address, in kernel space.
	98	* @from: Source address, in user space.
	99	* @n: Number of bytes to copy.
	100	*
	101	* Context: User context only. This function may sleep.
	102	*
	103	* Copy data from user space to kernel space. Caller must check
	104	* the specified block with access_ok() before calling this function.
	105	*
	106	* Returns number of bytes that could not be copied.
	107	* On success, this will be zero.
	108	*
	109	* If some data could not be copied, this function will pad the copied
	110	* data to the requested size using zero bytes.
	111	*/
211deca6 HC	112	unsigned long __must_check __copy_from_user(void to, const void __user from,
211deca6 HC	113	unsigned long n);
4f41c2b4 HC	114
	115	/**
	116	* __copy_to_user: - Copy a block of data into user space, with less checking.
	117	* @to: Destination address, in user space.
	118	* @from: Source address, in kernel space.
	119	* @n: Number of bytes to copy.
	120	*
	121	* Context: User context only. This function may sleep.
	122	*
	123	* Copy data from kernel space to user space. Caller must check
	124	* the specified block with access_ok() before calling this function.
	125	*
	126	* Returns number of bytes that could not be copied.
	127	* On success, this will be zero.
	128	*/
	129	unsigned long __must_check __copy_to_user(void __user to, const void from,
	130	unsigned long n);
d02765d1	131
4f41c2b4 HC	132	#define __copy_to_user_inatomic __copy_to_user
4f41c2b4 HC	133	#define __copy_from_user_inatomic __copy_from_user
6c1e3e79	134
211deca6	135	static inline int __put_user_fn(void x, void __user ptr, unsigned long size)
d02765d1	136	{
4f41c2b4 HC	137	size = __copy_to_user(ptr, x, size);
4f41c2b4 HC	138	return size ? -EFAULT : 0;
d02765d1 GS	139	}
d02765d1 GS	140
211deca6	141	static inline int __get_user_fn(void x, const void __user ptr, unsigned long size)
d02765d1	142	{
4f41c2b4 HC	143	size = __copy_from_user(x, ptr, size);
4f41c2b4 HC	144	return size ? -EFAULT : 0;
d02765d1	145	}
1da177e4 LT	146
	147	/*
	148	* These are the main single-value transfer routines. They automatically
	149	* use the right size if we just have the right pointer type.
	150	*/
1da177e4 LT	151	#define __put_user(x, ptr) \
	152	({ \
	153	__typeof__(*(ptr)) __x = (x); \
d02765d1	154	int __pu_err = -EFAULT; \
17566c3c	155	__chk_user_ptr(ptr); \
1da177e4 LT	156	switch (sizeof (*(ptr))) { \
	157	case 1: \
	158	case 2: \
	159	case 4: \
	160	case 8: \
cfa785e6 HC	161	__pu_err = __put_user_fn(&__x, ptr, \
cfa785e6 HC	162	sizeof(*(ptr))); \
1da177e4 LT	163	break; \
	164	default: \
	165	__put_user_bad(); \
	166	break; \
	167	} \
	168	__pu_err; \
	169	})
1da177e4 LT	170
	171	#define put_user(x, ptr) \
	172	({ \
dab4079d	173	might_fault(); \
1da177e4 LT	174	__put_user(x, ptr); \
	175	})
	176
	177
4f41c2b4	178	int __put_user_bad(void) __attribute__((noreturn));
1da177e4	179
1da177e4 LT	180	#define __get_user(x, ptr) \
1da177e4 LT	181	({ \
d02765d1 GS	182	int __gu_err = -EFAULT; \
d02765d1 GS	183	__chk_user_ptr(ptr); \
1da177e4	184	switch (sizeof(*(ptr))) { \
1047aa77 MS	185	case 1: { \
1047aa77 MS	186	unsigned char __x; \
cfa785e6 HC	187	__gu_err = __get_user_fn(&__x, ptr, \
cfa785e6 HC	188	sizeof(*(ptr))); \
97fa5a66	189	(x) = (__force __typeof__((ptr)) *) &__x; \
1047aa77 MS	190	break; \
	191	}; \
	192	case 2: { \
	193	unsigned short __x; \
cfa785e6 HC	194	__gu_err = __get_user_fn(&__x, ptr, \
cfa785e6 HC	195	sizeof(*(ptr))); \
97fa5a66	196	(x) = (__force __typeof__((ptr)) *) &__x; \
1047aa77 MS	197	break; \
	198	}; \
	199	case 4: { \
	200	unsigned int __x; \
cfa785e6 HC	201	__gu_err = __get_user_fn(&__x, ptr, \
cfa785e6 HC	202	sizeof(*(ptr))); \
97fa5a66	203	(x) = (__force __typeof__((ptr)) *) &__x; \
1047aa77 MS	204	break; \
	205	}; \
	206	case 8: { \
	207	unsigned long long __x; \
cfa785e6 HC	208	__gu_err = __get_user_fn(&__x, ptr, \
cfa785e6 HC	209	sizeof(*(ptr))); \
97fa5a66	210	(x) = (__force __typeof__((ptr)) *) &__x; \
1da177e4	211	break; \
1047aa77	212	}; \
1da177e4 LT	213	default: \
	214	__get_user_bad(); \
	215	break; \
	216	} \
1da177e4 LT	217	__gu_err; \
1da177e4 LT	218	})
1da177e4 LT	219
	220	#define get_user(x, ptr) \
	221	({ \
dab4079d	222	might_fault(); \
1da177e4 LT	223	__get_user(x, ptr); \
	224	})
	225
4f41c2b4	226	int __get_user_bad(void) __attribute__((noreturn));
1da177e4 LT	227
	228	#define __put_user_unaligned __put_user
	229	#define __get_user_unaligned __get_user
	230
1da177e4 LT	231	/**
	232	* copy_to_user: - Copy a block of data into user space.
	233	* @to: Destination address, in user space.
	234	* @from: Source address, in kernel space.
	235	* @n: Number of bytes to copy.
	236	*
	237	* Context: User context only. This function may sleep.
	238	*
	239	* Copy data from kernel space to user space.
	240	*
	241	* Returns number of bytes that could not be copied.
	242	* On success, this will be zero.
	243	*/
f7675ad7	244	static inline unsigned long __must_check
1da177e4 LT	245	copy_to_user(void __user to, const void from, unsigned long n)
1da177e4 LT	246	{
dab4079d	247	might_fault();
d12a2970	248	return __copy_to_user(to, from, n);
1da177e4 LT	249	}
1da177e4 LT	250
4f41c2b4	251	void copy_from_user_overflow(void)
1dcec254 HC	252	#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
	253	__compiletime_warning("copy_from_user() buffer size is not provably correct")
	254	#endif
	255	;
	256
1da177e4 LT	257	/**
	258	* copy_from_user: - Copy a block of data from user space.
	259	* @to: Destination address, in kernel space.
	260	* @from: Source address, in user space.
	261	* @n: Number of bytes to copy.
	262	*
	263	* Context: User context only. This function may sleep.
	264	*
	265	* Copy data from user space to kernel space.
	266	*
	267	* Returns number of bytes that could not be copied.
	268	* On success, this will be zero.
	269	*
	270	* If some data could not be copied, this function will pad the copied
	271	* data to the requested size using zero bytes.
	272	*/
f7675ad7	273	static inline unsigned long __must_check
1da177e4 LT	274	copy_from_user(void to, const void __user from, unsigned long n)
1da177e4 LT	275	{
1dcec254 HC	276	unsigned int sz = __compiletime_object_size(to);
1dcec254 HC	277
dab4079d	278	might_fault();
1dcec254 HC	279	if (unlikely(sz != -1 && sz < n)) {
	280	copy_from_user_overflow();
	281	return n;
	282	}
d12a2970	283	return __copy_from_user(to, from, n);
1da177e4 LT	284	}
1da177e4 LT	285
4f41c2b4 HC	286	unsigned long __must_check
4f41c2b4 HC	287	__copy_in_user(void __user to, const void __user from, unsigned long n);
1da177e4	288
f7675ad7	289	static inline unsigned long __must_check
1da177e4 LT	290	copy_in_user(void __user to, const void __user from, unsigned long n)
1da177e4 LT	291	{
dab4079d	292	might_fault();
d12a2970	293	return __copy_in_user(to, from, n);
1da177e4 LT	294	}
	295
	296	/*
	297	* Copy a null terminated string from userspace.
	298	*/
4f41c2b4 HC	299
	300	long __strncpy_from_user(char dst, const char __user src, long count);
	301
f7675ad7	302	static inline long __must_check
1da177e4 LT	303	strncpy_from_user(char dst, const char __user src, long count)
1da177e4 LT	304	{
dab4079d	305	might_fault();
4f41c2b4	306	return __strncpy_from_user(dst, src, count);
1da177e4 LT	307	}
1da177e4 LT	308
211deca6	309	unsigned long __must_check __strnlen_user(const char __user *src, unsigned long count);
4f41c2b4	310
211deca6	311	static inline unsigned long strnlen_user(const char __user *src, unsigned long n)
1da177e4	312	{
dab4079d	313	might_fault();
4f41c2b4	314	return __strnlen_user(src, n);
1da177e4 LT	315	}
	316
	317	/**
	318	* strlen_user: - Get the size of a string in user space.
	319	* @str: The string to measure.
	320	*
	321	* Context: User context only. This function may sleep.
	322	*
	323	* Get the size of a NUL-terminated string in user space.
	324	*
	325	* Returns the size of the string INCLUDING the terminating NUL.
	326	* On exception, returns 0.
	327	*
	328	* If there is a limit on the length of a valid string, you may wish to
	329	* consider using strnlen_user() instead.
	330	*/
	331	#define strlen_user(str) strnlen_user(str, ~0UL)
	332
	333	/*
	334	* Zero Userspace
	335	*/
211deca6	336	unsigned long __must_check __clear_user(void __user *to, unsigned long size);
1da177e4	337
211deca6	338	static inline unsigned long __must_check clear_user(void __user *to, unsigned long n)
1da177e4	339	{
dab4079d	340	might_fault();
4f41c2b4	341	return __clear_user(to, n);
1da177e4 LT	342	}
1da177e4 LT	343
211deca6	344	int copy_to_user_real(void __user dest, void src, unsigned long count);
a0616cde	345
1da177e4	346	#endif /* __S390_UACCESS_H */