search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge with Linux 2.5.73.
[linux-2.6/linux-mips.git] / include / asm-i386 / uaccess.h
blobb7744806aed68cbf4bcd83071663cd8cadc42857
1 #ifndef __i386_UACCESS_H
2 #define __i386_UACCESS_H
3
4 /*
5 * User space memory access functions
6 */
7 #include <linux/config.h>
8 #include <linux/errno.h>
9 #include <linux/thread_info.h>
10 #include <linux/prefetch.h>
11 #include <linux/string.h>
12 #include <asm/page.h>
13
14 #define VERIFY_READ 0
15 #define VERIFY_WRITE 1
16
17 /*
18 * The fs value determines whether argument validity checking should be
19 * performed or not. If get_fs() == USER_DS, checking is performed, with
20 * get_fs() == KERNEL_DS, checking is bypassed.
21 *
22 * For historical reasons, these macros are grossly misnamed.
23 */
24
25 #define MAKE_MM_SEG(s) ((mm_segment_t) { (s) })
26
27
28 #define KERNEL_DS MAKE_MM_SEG(0xFFFFFFFFUL)
29 #define USER_DS MAKE_MM_SEG(PAGE_OFFSET)
30
31 #define get_ds() (KERNEL_DS)
32 #define get_fs() (current_thread_info()->addr_limit)
33 #define set_fs(x) (current_thread_info()->addr_limit = (x))
34
35 #define segment_eq(a,b) ((a).seg == (b).seg)
36
37 /*
38 * movsl can be slow when source and dest are not both 8-byte aligned
39 */
40 #ifdef CONFIG_X86_INTEL_USERCOPY
41 extern struct movsl_mask {
42 int mask;
43 } ____cacheline_aligned_in_smp movsl_mask;
44 #endif
45
46 #define __addr_ok(addr) ((unsigned long)(addr) < (current_thread_info()->addr_limit.seg))
47
48 /*
49 * Test whether a block of memory is a valid user space address.
50 * Returns 0 if the range is valid, nonzero otherwise.
51 *
52 * This is equivalent to the following test:
53 * (u33)addr + (u33)size >= (u33)current->addr_limit.seg
54 *
55 * This needs 33-bit arithmetic. We have a carry...
56 */
57 #define __range_ok(addr,size) ({ \
58 unsigned long flag,sum; \
59 asm("addl %3,%1 ; sbbl %0,%0; cmpl %1,%4; sbbl $0,%0" \
60 :"=&r" (flag), "=r" (sum) \
61 :"1" (addr),"g" ((int)(size)),"g" (current_thread_info()->addr_limit.seg)); \
62 flag; })
63
64 /**
65 * access_ok: - Checks if a user space pointer is valid
66 * @type: Type of access: %VERIFY_READ or %VERIFY_WRITE. Note that
67 * %VERIFY_WRITE is a superset of %VERIFY_READ - if it is safe
68 * to write to a block, it is always safe to read from it.
69 * @addr: User space pointer to start of block to check
70 * @size: Size of block to check
71 *
72 * Context: User context only. This function may sleep.
73 *
74 * Checks if a pointer to a block of memory in user space is valid.
75 *
76 * Returns true (nonzero) if the memory block may be valid, false (zero)
77 * if it is definitely invalid.
78 *
79 * Note that, depending on architecture, this function probably just
80 * checks that the pointer is in the user space range - after calling
81 * this function, memory access functions may still return -EFAULT.
82 */
83 #define access_ok(type,addr,size) (__range_ok(addr,size) == 0)
84
85 /**
86 * verify_area: - Obsolete, use access_ok()
87 * @type: Type of access: %VERIFY_READ or %VERIFY_WRITE
88 * @addr: User space pointer to start of block to check
89 * @size: Size of block to check
90 *
91 * Context: User context only. This function may sleep.
92 *
93 * This function has been replaced by access_ok().
94 *
95 * Checks if a pointer to a block of memory in user space is valid.
96 *
97 * Returns zero if the memory block may be valid, -EFAULT
98 * if it is definitely invalid.
99 *
100 * See access_ok() for more details.
101 */
102 static inline int verify_area(int type, const void __user * addr, unsigned long size)
103 {
104 return access_ok(type,addr,size) ? 0 : -EFAULT;
105 }
106
107
108 /*
109 * The exception table consists of pairs of addresses: the first is the
110 * address of an instruction that is allowed to fault, and the second is
111 * the address at which the program should continue. No registers are
112 * modified, so it is entirely up to the continuation code to figure out
113 * what to do.
114 *
115 * All the routines below use bits of fixup code that are out of line
116 * with the main instruction path. This means when everything is well,
117 * we don't even have to jump over them. Further, they do not intrude
118 * on our cache or tlb entries.
119 */
120
121 struct exception_table_entry
122 {
123 unsigned long insn, fixup;
124 };
125
126 extern int fixup_exception(struct pt_regs *regs);
127
128 /*
129 * These are the main single-value transfer routines. They automatically
130 * use the right size if we just have the right pointer type.
131 *
132 * This gets kind of ugly. We want to return _two_ values in "get_user()"
133 * and yet we don't want to do any pointers, because that is too much
134 * of a performance impact. Thus we have a few rather ugly macros here,
135 * and hide all the ugliness from the user.
136 *
137 * The "__xxx" versions of the user access functions are versions that
138 * do not verify the address space, that must have been done previously
139 * with a separate "access_ok()" call (this is used when we do multiple
140 * accesses to the same area of user memory).
141 */
142
143 extern void __get_user_1(void);
144 extern void __get_user_2(void);
145 extern void __get_user_4(void);
146
147 #define __get_user_x(size,ret,x,ptr) \
148 __asm__ __volatile__("call __get_user_" #size \
149 :"=a" (ret),"=d" (x) \
150 :"0" (ptr))
151
152
153 /* Careful: we have to cast the result to the type of the pointer for sign reasons */
154 /**
155 * get_user: - Get a simple variable from user space.
156 * @x: Variable to store result.
157 * @ptr: Source address, in user space.
158 *
159 * Context: User context only. This function may sleep.
160 *
161 * This macro copies a single simple variable from user space to kernel
162 * space. It supports simple types like char and int, but not larger
163 * data types like structures or arrays.
164 *
165 * @ptr must have pointer-to-simple-variable type, and the result of
166 * dereferencing @ptr must be assignable to @x without a cast.
167 *
168 * Returns zero on success, or -EFAULT on error.
169 * On error, the variable @x is set to zero.
170 */
171 #define get_user(x,ptr) \
172 ({ int __ret_gu,__val_gu; \
173 switch(sizeof (*(ptr))) { \
174 case 1: __get_user_x(1,__ret_gu,__val_gu,ptr); break; \
175 case 2: __get_user_x(2,__ret_gu,__val_gu,ptr); break; \
176 case 4: __get_user_x(4,__ret_gu,__val_gu,ptr); break; \
177 default: __get_user_x(X,__ret_gu,__val_gu,ptr); break; \
178 } \
179 (x) = (__typeof__(*(ptr)))__val_gu; \
180 __ret_gu; \
181 })
182
183 extern void __put_user_bad(void);
184
185 /**
186 * put_user: - Write a simple value into user space.
187 * @x: Value to copy to user space.
188 * @ptr: Destination address, in user space.
189 *
190 * Context: User context only. This function may sleep.
191 *
192 * This macro copies a single simple value from kernel space to user
193 * space. It supports simple types like char and int, but not larger
194 * data types like structures or arrays.
195 *
196 * @ptr must have pointer-to-simple-variable type, and @x must be assignable
197 * to the result of dereferencing @ptr.
198 *
199 * Returns zero on success, or -EFAULT on error.
200 */
201 #define put_user(x,ptr) \
202 __put_user_check((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr)))
203
204
205 /**
206 * __get_user: - Get a simple variable from user space, with less checking.
207 * @x: Variable to store result.
208 * @ptr: Source address, in user space.
209 *
210 * Context: User context only. This function may sleep.
211 *
212 * This macro copies a single simple variable from user space to kernel
213 * space. It supports simple types like char and int, but not larger
214 * data types like structures or arrays.
215 *
216 * @ptr must have pointer-to-simple-variable type, and the result of
217 * dereferencing @ptr must be assignable to @x without a cast.
218 *
219 * Caller must check the pointer with access_ok() before calling this
220 * function.
221 *
222 * Returns zero on success, or -EFAULT on error.
223 * On error, the variable @x is set to zero.
224 */
225 #define __get_user(x,ptr) \
226 __get_user_nocheck((x),(ptr),sizeof(*(ptr)))
227
228
229 /**
230 * __put_user: - Write a simple value into user space, with less checking.
231 * @x: Value to copy to user space.
232 * @ptr: Destination address, in user space.
233 *
234 * Context: User context only. This function may sleep.
235 *
236 * This macro copies a single simple value from kernel space to user
237 * space. It supports simple types like char and int, but not larger
238 * data types like structures or arrays.
239 *
240 * @ptr must have pointer-to-simple-variable type, and @x must be assignable
241 * to the result of dereferencing @ptr.
242 *
243 * Caller must check the pointer with access_ok() before calling this
244 * function.
245 *
246 * Returns zero on success, or -EFAULT on error.
247 */
248 #define __put_user(x,ptr) \
249 __put_user_nocheck((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr)))
250
251 #define __put_user_nocheck(x,ptr,size) \
252 ({ \
253 long __pu_err; \
254 __put_user_size((x),(ptr),(size),__pu_err,-EFAULT); \
255 __pu_err; \
256 })
257
258
259 #define __put_user_check(x,ptr,size) \
260 ({ \
261 long __pu_err = -EFAULT; \
262 __typeof__(*(ptr)) *__pu_addr = (ptr); \
263 if (access_ok(VERIFY_WRITE,__pu_addr,size)) \
264 __put_user_size((x),__pu_addr,(size),__pu_err,-EFAULT); \
265 __pu_err; \
266 })
267
268 #define __put_user_u64(x, addr, err) \
269 __asm__ __volatile__( \
270 "1: movl %%eax,0(%2)\n" \
271 "2: movl %%edx,4(%2)\n" \
272 "3:\n" \
273 ".section .fixup,\"ax\"\n" \
274 "4: movl %3,%0\n" \
275 " jmp 3b\n" \
276 ".previous\n" \
277 ".section __ex_table,\"a\"\n" \
278 " .align 4\n" \
279 " .long 1b,4b\n" \
280 " .long 2b,4b\n" \
281 ".previous" \
282 : "=r"(err) \
283 : "A" (x), "r" (addr), "i"(-EFAULT), "0"(err))
284
285 #ifdef CONFIG_X86_WP_WORKS_OK
286
287 #define __put_user_size(x,ptr,size,retval,errret) \
288 do { \
289 retval = 0; \
290 switch (size) { \
291 case 1: __put_user_asm(x,ptr,retval,"b","b","iq",errret);break; \
292 case 2: __put_user_asm(x,ptr,retval,"w","w","ir",errret);break; \
293 case 4: __put_user_asm(x,ptr,retval,"l","","ir",errret); break; \
294 case 8: __put_user_u64((__typeof__(*ptr))(x),ptr,retval); break;\
295 default: __put_user_bad(); \
296 } \
297 } while (0)
298
299 #else
300
301 #define __put_user_size(x,ptr,size,retval,errret) \
302 do { \
303 __typeof__(*(ptr)) __pus_tmp = x; \
304 retval = 0; \
305 \
306 if(unlikely(__copy_to_user_ll(ptr, &__pus_tmp, size) != 0)) \
307 retval = errret; \
308 } while (0)
309
310 #endif
311 struct __large_struct { unsigned long buf[100]; };
312 #define __m(x) (*(struct __large_struct *)(x))
313
314 /*
315 * Tell gcc we read from memory instead of writing: this is because
316 * we do not write to any memory gcc knows about, so there are no
317 * aliasing issues.
318 */
319 #define __put_user_asm(x, addr, err, itype, rtype, ltype, errret) \
320 __asm__ __volatile__( \
321 "1: mov"itype" %"rtype"1,%2\n" \
322 "2:\n" \
323 ".section .fixup,\"ax\"\n" \
324 "3: movl %3,%0\n" \
325 " jmp 2b\n" \
326 ".previous\n" \
327 ".section __ex_table,\"a\"\n" \
328 " .align 4\n" \
329 " .long 1b,3b\n" \
330 ".previous" \
331 : "=r"(err) \
332 : ltype (x), "m"(__m(addr)), "i"(errret), "0"(err))
333
334
335 #define __get_user_nocheck(x,ptr,size) \
336 ({ \
337 long __gu_err, __gu_val; \
338 __get_user_size(__gu_val,(ptr),(size),__gu_err,-EFAULT);\
339 (x) = (__typeof__(*(ptr)))__gu_val; \
340 __gu_err; \
341 })
342
343 extern long __get_user_bad(void);
344
345 #define __get_user_size(x,ptr,size,retval,errret) \
346 do { \
347 retval = 0; \
348 switch (size) { \
349 case 1: __get_user_asm(x,ptr,retval,"b","b","=q",errret);break; \
350 case 2: __get_user_asm(x,ptr,retval,"w","w","=r",errret);break; \
351 case 4: __get_user_asm(x,ptr,retval,"l","","=r",errret);break; \
352 default: (x) = __get_user_bad(); \
353 } \
354 } while (0)
355
356 #define __get_user_asm(x, addr, err, itype, rtype, ltype, errret) \
357 __asm__ __volatile__( \
358 "1: mov"itype" %2,%"rtype"1\n" \
359 "2:\n" \
360 ".section .fixup,\"ax\"\n" \
361 "3: movl %3,%0\n" \
362 " xor"itype" %"rtype"1,%"rtype"1\n" \
363 " jmp 2b\n" \
364 ".previous\n" \
365 ".section __ex_table,\"a\"\n" \
366 " .align 4\n" \
367 " .long 1b,3b\n" \
368 ".previous" \
369 : "=r"(err), ltype (x) \
370 : "m"(__m(addr)), "i"(errret), "0"(err))
371
372
373 unsigned long __copy_to_user_ll(void __user *to, const void *from, unsigned long n);
374 unsigned long __copy_from_user_ll(void *to, const void __user *from, unsigned long n);
375
376 /*
377 * Here we special-case 1, 2 and 4-byte copy_*_user invocations. On a fault
378 * we return the initial request size (1, 2 or 4), as copy_*_user should do.
379 * If a store crosses a page boundary and gets a fault, the x86 will not write
380 * anything, so this is accurate.
381 */
382
383 /**
384 * __copy_to_user: - Copy a block of data into user space, with less checking.
385 * @to: Destination address, in user space.
386 * @from: Source address, in kernel space.
387 * @n: Number of bytes to copy.
388 *
389 * Context: User context only. This function may sleep.
390 *
391 * Copy data from kernel space to user space. Caller must check
392 * the specified block with access_ok() before calling this function.
393 *
394 * Returns number of bytes that could not be copied.
395 * On success, this will be zero.
396 */
397 static inline unsigned long
398 __copy_to_user(void __user *to, const void *from, unsigned long n)
399 {
400 if (__builtin_constant_p(n)) {
401 unsigned long ret;
402
403 switch (n) {
404 case 1:
405 __put_user_size(*(u8 *)from, (u8 *)to, 1, ret, 1);
406 return ret;
407 case 2:
408 __put_user_size(*(u16 *)from, (u16 *)to, 2, ret, 2);
409 return ret;
410 case 4:
411 __put_user_size(*(u32 *)from, (u32 *)to, 4, ret, 4);
412 return ret;
413 }
414 }
415 return __copy_to_user_ll(to, from, n);
416 }
417
418 /**
419 * __copy_from_user: - Copy a block of data from user space, with less checking.
420 * @to: Destination address, in kernel space.
421 * @from: Source address, in user space.
422 * @n: Number of bytes to copy.
423 *
424 * Context: User context only. This function may sleep.
425 *
426 * Copy data from user space to kernel space. Caller must check
427 * the specified block with access_ok() before calling this function.
428 *
429 * Returns number of bytes that could not be copied.
430 * On success, this will be zero.
431 *
432 * If some data could not be copied, this function will pad the copied
433 * data to the requested size using zero bytes.
434 */
435 static inline unsigned long
436 __copy_from_user(void *to, const void __user *from, unsigned long n)
437 {
438 if (__builtin_constant_p(n)) {
439 unsigned long ret;
440
441 switch (n) {
442 case 1:
443 __get_user_size(*(u8 *)to, from, 1, ret, 1);
444 return ret;
445 case 2:
446 __get_user_size(*(u16 *)to, from, 2, ret, 2);
447 return ret;
448 case 4:
449 __get_user_size(*(u32 *)to, from, 4, ret, 4);
450 return ret;
451 }
452 }
453 return __copy_from_user_ll(to, from, n);
454 }
455
456 /**
457 * copy_to_user: - Copy a block of data into user space.
458 * @to: Destination address, in user space.
459 * @from: Source address, in kernel space.
460 * @n: Number of bytes to copy.
461 *
462 * Context: User context only. This function may sleep.
463 *
464 * Copy data from kernel space to user space.
465 *
466 * Returns number of bytes that could not be copied.
467 * On success, this will be zero.
468 */
469 static inline unsigned long
470 copy_to_user(void __user *to, const void *from, unsigned long n)
471 {
472 if (access_ok(VERIFY_WRITE, to, n))
473 n = __copy_to_user(to, from, n);
474 return n;
475 }
476
477 /**
478 * copy_from_user: - Copy a block of data from user space.
479 * @to: Destination address, in kernel space.
480 * @from: Source address, in user space.
481 * @n: Number of bytes to copy.
482 *
483 * Context: User context only. This function may sleep.
484 *
485 * Copy data from user space to kernel space.
486 *
487 * Returns number of bytes that could not be copied.
488 * On success, this will be zero.
489 *
490 * If some data could not be copied, this function will pad the copied
491 * data to the requested size using zero bytes.
492 */
493 static inline unsigned long
494 copy_from_user(void *to, const void __user *from, unsigned long n)
495 {
496 if (access_ok(VERIFY_READ, from, n))
497 n = __copy_from_user(to, from, n);
498 else
499 memset(to, 0, n);
500 return n;
501 }
502
503 long strncpy_from_user(char *dst, const char __user *src, long count);
504 long __strncpy_from_user(char *dst, const char __user *src, long count);
505
506 /**
507 * strlen_user: - Get the size of a string in user space.
508 * @str: The string to measure.
509 *
510 * Context: User context only. This function may sleep.
511 *
512 * Get the size of a NUL-terminated string in user space.
513 *
514 * Returns the size of the string INCLUDING the terminating NUL.
515 * On exception, returns 0.
516 *
517 * If there is a limit on the length of a valid string, you may wish to
518 * consider using strnlen_user() instead.
519 */
520 #define strlen_user(str) strnlen_user(str, ~0UL >> 1)
521
522 long strnlen_user(const char __user *str, long n);
523 unsigned long clear_user(void __user *mem, unsigned long len);
524 unsigned long __clear_user(void __user *mem, unsigned long len);
525
526 #endif /* __i386_UACCESS_H */
Mirror of the linux-mips.org kernel tree