2 * Based on arch/arm/include/asm/uaccess.h
4 * Copyright (C) 2012 ARM Ltd.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 #ifndef __ASM_UACCESS_H
19 #define __ASM_UACCESS_H
22 * User space memory access functions
24 #include <linux/bitops.h>
25 #include <linux/string.h>
26 #include <linux/thread_info.h>
28 #include <asm/alternative.h>
29 #include <asm/cpufeature.h>
30 #include <asm/ptrace.h>
31 #include <asm/sysreg.h>
32 #include <asm/errno.h>
33 #include <asm/memory.h>
34 #include <asm/compiler.h>
37 #define VERIFY_WRITE 1
40 * The exception table consists of pairs of addresses: the first is the
41 * address of an instruction that is allowed to fault, and the second is
42 * the address at which the program should continue. No registers are
43 * modified, so it is entirely up to the continuation code to figure out
46 * All the routines below use bits of fixup code that are out of line
47 * with the main instruction path. This means when everything is well,
48 * we don't even have to jump over them. Further, they do not intrude
49 * on our cache or tlb entries.
52 struct exception_table_entry
54 unsigned long insn, fixup;
57 extern int fixup_exception(struct pt_regs *regs);
59 #define KERNEL_DS (-1UL)
60 #define get_ds() (KERNEL_DS)
62 #define USER_DS TASK_SIZE_64
63 #define get_fs() (current_thread_info()->addr_limit)
65 static inline void set_fs(mm_segment_t fs)
67 current_thread_info()->addr_limit = fs;
70 #define segment_eq(a, b) ((a) == (b))
73 * Return 1 if addr < current->addr_limit, 0 otherwise.
75 #define __addr_ok(addr) \
78 asm("cmp %1, %0; cset %0, lo" \
80 : "r" (addr), "0" (current_thread_info()->addr_limit) \
86 * Test whether a block of memory is a valid user space address.
87 * Returns 1 if the range is valid, 0 otherwise.
89 * This is equivalent to the following test:
90 * (u65)addr + (u65)size <= current->addr_limit
92 * This needs 65-bit arithmetic.
94 #define __range_ok(addr, size) \
96 unsigned long __addr = (unsigned long __force)(addr); \
97 unsigned long flag, roksum; \
98 __chk_user_ptr(addr); \
99 asm("adds %1, %1, %3; ccmp %1, %4, #2, cc; cset %0, ls" \
100 : "=&r" (flag), "=&r" (roksum) \
101 : "1" (__addr), "Ir" (size), \
102 "r" (current_thread_info()->addr_limit) \
108 * When dealing with data aborts, watchpoints, or instruction traps we may end
109 * up with a tagged userland pointer. Clear the tag to get a sane pointer to
110 * pass on to access_ok(), for instance.
112 #define untagged_addr(addr) sign_extend64(addr, 55)
114 #define access_ok(type, addr, size) __range_ok(addr, size)
115 #define user_addr_max get_fs
118 * The "__xxx" versions of the user access functions do not verify the address
119 * space - it must have been done previously with a separate "access_ok()"
122 * The "__xxx_error" versions set the third argument to -EFAULT if an error
123 * occurs, and leave it unchanged on success.
125 #define __get_user_asm(instr, reg, x, addr, err) \
127 "1: " instr " " reg "1, [%2]\n" \
129 " .section .fixup, \"ax\"\n" \
135 " .section __ex_table,\"a\"\n" \
139 : "+r" (err), "=&r" (x) \
140 : "r" (addr), "i" (-EFAULT))
142 #define __get_user_err(x, ptr, err) \
144 unsigned long __gu_val; \
145 __chk_user_ptr(ptr); \
146 asm(ALTERNATIVE("nop", SET_PSTATE_PAN(0), ARM64_HAS_PAN, \
147 CONFIG_ARM64_PAN)); \
148 switch (sizeof(*(ptr))) { \
150 __get_user_asm("ldrb", "%w", __gu_val, (ptr), (err)); \
153 __get_user_asm("ldrh", "%w", __gu_val, (ptr), (err)); \
156 __get_user_asm("ldr", "%w", __gu_val, (ptr), (err)); \
159 __get_user_asm("ldr", "%", __gu_val, (ptr), (err)); \
164 (x) = (__force __typeof__(*(ptr)))__gu_val; \
165 asm(ALTERNATIVE("nop", SET_PSTATE_PAN(1), ARM64_HAS_PAN, \
166 CONFIG_ARM64_PAN)); \
169 #define __get_user(x, ptr) \
172 __get_user_err((x), (ptr), __gu_err); \
176 #define __get_user_error(x, ptr, err) \
178 __get_user_err((x), (ptr), (err)); \
182 #define __get_user_unaligned __get_user
184 #define get_user(x, ptr) \
186 __typeof__(*(ptr)) __user *__p = (ptr); \
188 access_ok(VERIFY_READ, __p, sizeof(*__p)) ? \
189 __get_user((x), __p) : \
190 ((x) = 0, -EFAULT); \
193 #define __put_user_asm(instr, reg, x, addr, err) \
195 "1: " instr " " reg "1, [%2]\n" \
197 " .section .fixup,\"ax\"\n" \
202 " .section __ex_table,\"a\"\n" \
207 : "r" (x), "r" (addr), "i" (-EFAULT))
209 #define __put_user_err(x, ptr, err) \
211 __typeof__(*(ptr)) __pu_val = (x); \
212 __chk_user_ptr(ptr); \
213 asm(ALTERNATIVE("nop", SET_PSTATE_PAN(0), ARM64_HAS_PAN, \
214 CONFIG_ARM64_PAN)); \
215 switch (sizeof(*(ptr))) { \
217 __put_user_asm("strb", "%w", __pu_val, (ptr), (err)); \
220 __put_user_asm("strh", "%w", __pu_val, (ptr), (err)); \
223 __put_user_asm("str", "%w", __pu_val, (ptr), (err)); \
226 __put_user_asm("str", "%", __pu_val, (ptr), (err)); \
231 asm(ALTERNATIVE("nop", SET_PSTATE_PAN(1), ARM64_HAS_PAN, \
232 CONFIG_ARM64_PAN)); \
235 #define __put_user(x, ptr) \
238 __put_user_err((x), (ptr), __pu_err); \
242 #define __put_user_error(x, ptr, err) \
244 __put_user_err((x), (ptr), (err)); \
248 #define __put_user_unaligned __put_user
250 #define put_user(x, ptr) \
252 __typeof__(*(ptr)) __user *__p = (ptr); \
254 access_ok(VERIFY_WRITE, __p, sizeof(*__p)) ? \
255 __put_user((x), __p) : \
259 extern unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n);
260 extern unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n);
261 extern unsigned long __must_check __copy_in_user(void __user *to, const void __user *from, unsigned long n);
262 extern unsigned long __must_check __clear_user(void __user *addr, unsigned long n);
264 static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n)
266 if (access_ok(VERIFY_READ, from, n))
267 n = __copy_from_user(to, from, n);
268 else /* security hole - plug it */
273 static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n)
275 if (access_ok(VERIFY_WRITE, to, n))
276 n = __copy_to_user(to, from, n);
280 static inline unsigned long __must_check copy_in_user(void __user *to, const void __user *from, unsigned long n)
282 if (access_ok(VERIFY_READ, from, n) && access_ok(VERIFY_WRITE, to, n))
283 n = __copy_in_user(to, from, n);
287 #define __copy_to_user_inatomic __copy_to_user
288 #define __copy_from_user_inatomic __copy_from_user
290 static inline unsigned long __must_check clear_user(void __user *to, unsigned long n)
292 if (access_ok(VERIFY_WRITE, to, n))
293 n = __clear_user(to, n);
297 extern long strncpy_from_user(char *dest, const char __user *src, long count);
299 extern __must_check long strlen_user(const char __user *str);
300 extern __must_check long strnlen_user(const char __user *str, long n);
302 #endif /* __ASM_UACCESS_H */