]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - arch/s390/include/asm/uaccess.h
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
s390/uaccess: always run the kernel in home space
[mirror_ubuntu-artful-kernel.git] / arch / s390 / include / asm / uaccess.h
1 /*
2 * S390 version
3 * Copyright IBM Corp. 1999, 2000
4 * Author(s): Hartmut Penner (hp@de.ibm.com),
5 * Martin Schwidefsky (schwidefsky@de.ibm.com)
6 *
7 * Derived from "include/asm-i386/uaccess.h"
8 */
9 #ifndef __S390_UACCESS_H
10 #define __S390_UACCESS_H
11
12 /*
13 * User space memory access functions
14 */
15 #include <linux/sched.h>
16 #include <linux/errno.h>
17 #include <asm/ctl_reg.h>
18
19 #define VERIFY_READ 0
20 #define VERIFY_WRITE 1
21
22
23 /*
24 * The fs value determines whether argument validity checking should be
25 * performed or not. If get_fs() == USER_DS, checking is performed, with
26 * get_fs() == KERNEL_DS, checking is bypassed.
27 *
28 * For historical reasons, these macros are grossly misnamed.
29 */
30
31 #define MAKE_MM_SEG(a) ((mm_segment_t) { (a) })
32
33
34 #define KERNEL_DS MAKE_MM_SEG(0)
35 #define USER_DS MAKE_MM_SEG(1)
36
37 #define get_ds() (KERNEL_DS)
38 #define get_fs() (current->thread.mm_segment)
39
40 #define set_fs(x) \
41 ({ \
42 unsigned long __pto; \
43 current->thread.mm_segment = (x); \
44 __pto = current->thread.mm_segment.ar4 ? \
45 S390_lowcore.user_asce : S390_lowcore.kernel_asce; \
46 __ctl_load(__pto, 7, 7); \
47 })
48
49 #define segment_eq(a,b) ((a).ar4 == (b).ar4)
50
51 static inline int __range_ok(unsigned long addr, unsigned long size)
52 {
53 return 1;
54 }
55
56 #define __access_ok(addr, size) \
57 ({ \
58 __chk_user_ptr(addr); \
59 __range_ok((unsigned long)(addr), (size)); \
60 })
61
62 #define access_ok(type, addr, size) __access_ok(addr, size)
63
64 /*
65 * The exception table consists of pairs of addresses: the first is the
66 * address of an instruction that is allowed to fault, and the second is
67 * the address at which the program should continue. No registers are
68 * modified, so it is entirely up to the continuation code to figure out
69 * what to do.
70 *
71 * All the routines below use bits of fixup code that are out of line
72 * with the main instruction path. This means when everything is well,
73 * we don't even have to jump over them. Further, they do not intrude
74 * on our cache or tlb entries.
75 */
76
77 struct exception_table_entry
78 {
79 int insn, fixup;
80 };
81
82 static inline unsigned long extable_insn(const struct exception_table_entry *x)
83 {
84 return (unsigned long)&x->insn + x->insn;
85 }
86
87 static inline unsigned long extable_fixup(const struct exception_table_entry *x)
88 {
89 return (unsigned long)&x->fixup + x->fixup;
90 }
91
92 #define ARCH_HAS_SORT_EXTABLE
93 #define ARCH_HAS_SEARCH_EXTABLE
94
95 struct uaccess_ops {
96 size_t (*copy_from_user)(size_t, const void __user *, void *);
97 size_t (*copy_to_user)(size_t, void __user *, const void *);
98 size_t (*copy_in_user)(size_t, void __user *, const void __user *);
99 size_t (*clear_user)(size_t, void __user *);
100 size_t (*strnlen_user)(size_t, const char __user *);
101 size_t (*strncpy_from_user)(size_t, const char __user *, char *);
102 int (*futex_atomic_op)(int op, u32 __user *, int oparg, int *old);
103 int (*futex_atomic_cmpxchg)(u32 *, u32 __user *, u32 old, u32 new);
104 };
105
106 extern struct uaccess_ops uaccess;
107 extern struct uaccess_ops uaccess_mvcos;
108 extern struct uaccess_ops uaccess_pt;
109
110 extern int __handle_fault(unsigned long, unsigned long, int);
111
112 static inline int __put_user_fn(size_t size, void __user *ptr, void *x)
113 {
114 size = uaccess.copy_to_user(size, ptr, x);
115 return size ? -EFAULT : size;
116 }
117
118 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
119 {
120 size = uaccess.copy_from_user(size, ptr, x);
121 return size ? -EFAULT : size;
122 }
123
124 /*
125 * These are the main single-value transfer routines. They automatically
126 * use the right size if we just have the right pointer type.
127 */
128 #define __put_user(x, ptr) \
129 ({ \
130 __typeof__(*(ptr)) __x = (x); \
131 int __pu_err = -EFAULT; \
132 __chk_user_ptr(ptr); \
133 switch (sizeof (*(ptr))) { \
134 case 1: \
135 case 2: \
136 case 4: \
137 case 8: \
138 __pu_err = __put_user_fn(sizeof (*(ptr)), \
139 ptr, &__x); \
140 break; \
141 default: \
142 __put_user_bad(); \
143 break; \
144 } \
145 __pu_err; \
146 })
147
148 #define put_user(x, ptr) \
149 ({ \
150 might_fault(); \
151 __put_user(x, ptr); \
152 })
153
154
155 extern int __put_user_bad(void) __attribute__((noreturn));
156
157 #define __get_user(x, ptr) \
158 ({ \
159 int __gu_err = -EFAULT; \
160 __chk_user_ptr(ptr); \
161 switch (sizeof(*(ptr))) { \
162 case 1: { \
163 unsigned char __x; \
164 __gu_err = __get_user_fn(sizeof (*(ptr)), \
165 ptr, &__x); \
166 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
167 break; \
168 }; \
169 case 2: { \
170 unsigned short __x; \
171 __gu_err = __get_user_fn(sizeof (*(ptr)), \
172 ptr, &__x); \
173 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
174 break; \
175 }; \
176 case 4: { \
177 unsigned int __x; \
178 __gu_err = __get_user_fn(sizeof (*(ptr)), \
179 ptr, &__x); \
180 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
181 break; \
182 }; \
183 case 8: { \
184 unsigned long long __x; \
185 __gu_err = __get_user_fn(sizeof (*(ptr)), \
186 ptr, &__x); \
187 (x) = *(__force __typeof__(*(ptr)) *) &__x; \
188 break; \
189 }; \
190 default: \
191 __get_user_bad(); \
192 break; \
193 } \
194 __gu_err; \
195 })
196
197 #define get_user(x, ptr) \
198 ({ \
199 might_fault(); \
200 __get_user(x, ptr); \
201 })
202
203 extern int __get_user_bad(void) __attribute__((noreturn));
204
205 #define __put_user_unaligned __put_user
206 #define __get_user_unaligned __get_user
207
208 /**
209 * __copy_to_user: - Copy a block of data into user space, with less checking.
210 * @to: Destination address, in user space.
211 * @from: Source address, in kernel space.
212 * @n: Number of bytes to copy.
213 *
214 * Context: User context only. This function may sleep.
215 *
216 * Copy data from kernel space to user space. Caller must check
217 * the specified block with access_ok() before calling this function.
218 *
219 * Returns number of bytes that could not be copied.
220 * On success, this will be zero.
221 */
222 static inline unsigned long __must_check
223 __copy_to_user(void __user *to, const void *from, unsigned long n)
224 {
225 return uaccess.copy_to_user(n, to, from);
226 }
227
228 #define __copy_to_user_inatomic __copy_to_user
229 #define __copy_from_user_inatomic __copy_from_user
230
231 /**
232 * copy_to_user: - Copy a block of data into user space.
233 * @to: Destination address, in user space.
234 * @from: Source address, in kernel space.
235 * @n: Number of bytes to copy.
236 *
237 * Context: User context only. This function may sleep.
238 *
239 * Copy data from kernel space to user space.
240 *
241 * Returns number of bytes that could not be copied.
242 * On success, this will be zero.
243 */
244 static inline unsigned long __must_check
245 copy_to_user(void __user *to, const void *from, unsigned long n)
246 {
247 might_fault();
248 return __copy_to_user(to, from, n);
249 }
250
251 /**
252 * __copy_from_user: - Copy a block of data from user space, with less checking.
253 * @to: Destination address, in kernel space.
254 * @from: Source address, in user space.
255 * @n: Number of bytes to copy.
256 *
257 * Context: User context only. This function may sleep.
258 *
259 * Copy data from user space to kernel space. Caller must check
260 * the specified block with access_ok() before calling this function.
261 *
262 * Returns number of bytes that could not be copied.
263 * On success, this will be zero.
264 *
265 * If some data could not be copied, this function will pad the copied
266 * data to the requested size using zero bytes.
267 */
268 static inline unsigned long __must_check
269 __copy_from_user(void *to, const void __user *from, unsigned long n)
270 {
271 return uaccess.copy_from_user(n, from, to);
272 }
273
274 extern void copy_from_user_overflow(void)
275 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
276 __compiletime_warning("copy_from_user() buffer size is not provably correct")
277 #endif
278 ;
279
280 /**
281 * copy_from_user: - Copy a block of data from user space.
282 * @to: Destination address, in kernel space.
283 * @from: Source address, in user space.
284 * @n: Number of bytes to copy.
285 *
286 * Context: User context only. This function may sleep.
287 *
288 * Copy data from user space to kernel space.
289 *
290 * Returns number of bytes that could not be copied.
291 * On success, this will be zero.
292 *
293 * If some data could not be copied, this function will pad the copied
294 * data to the requested size using zero bytes.
295 */
296 static inline unsigned long __must_check
297 copy_from_user(void *to, const void __user *from, unsigned long n)
298 {
299 unsigned int sz = __compiletime_object_size(to);
300
301 might_fault();
302 if (unlikely(sz != -1 && sz < n)) {
303 copy_from_user_overflow();
304 return n;
305 }
306 return __copy_from_user(to, from, n);
307 }
308
309 static inline unsigned long __must_check
310 __copy_in_user(void __user *to, const void __user *from, unsigned long n)
311 {
312 return uaccess.copy_in_user(n, to, from);
313 }
314
315 static inline unsigned long __must_check
316 copy_in_user(void __user *to, const void __user *from, unsigned long n)
317 {
318 might_fault();
319 return __copy_in_user(to, from, n);
320 }
321
322 /*
323 * Copy a null terminated string from userspace.
324 */
325 static inline long __must_check
326 strncpy_from_user(char *dst, const char __user *src, long count)
327 {
328 might_fault();
329 return uaccess.strncpy_from_user(count, src, dst);
330 }
331
332 static inline unsigned long
333 strnlen_user(const char __user * src, unsigned long n)
334 {
335 might_fault();
336 return uaccess.strnlen_user(n, src);
337 }
338
339 /**
340 * strlen_user: - Get the size of a string in user space.
341 * @str: The string to measure.
342 *
343 * Context: User context only. This function may sleep.
344 *
345 * Get the size of a NUL-terminated string in user space.
346 *
347 * Returns the size of the string INCLUDING the terminating NUL.
348 * On exception, returns 0.
349 *
350 * If there is a limit on the length of a valid string, you may wish to
351 * consider using strnlen_user() instead.
352 */
353 #define strlen_user(str) strnlen_user(str, ~0UL)
354
355 /*
356 * Zero Userspace
357 */
358
359 static inline unsigned long __must_check
360 __clear_user(void __user *to, unsigned long n)
361 {
362 return uaccess.clear_user(n, to);
363 }
364
365 static inline unsigned long __must_check
366 clear_user(void __user *to, unsigned long n)
367 {
368 might_fault();
369 return uaccess.clear_user(n, to);
370 }
371
372 extern int copy_to_user_real(void __user *dest, void *src, size_t count);
373 extern int copy_from_user_real(void *dest, void __user *src, size_t count);
374
375 #endif /* __S390_UACCESS_H */
Ubuntu Artful kernel mirror