[MIPS] User stack pointer randomisation
[linux-2.6] / include / asm-powerpc / uaccess.h
1 #ifndef _ARCH_POWERPC_UACCESS_H
2 #define _ARCH_POWERPC_UACCESS_H
3
4 #ifdef __KERNEL__
5 #ifndef __ASSEMBLY__
6
7 #include <linux/sched.h>
8 #include <linux/errno.h>
9 #include <asm/processor.h>
10 #include <asm/page.h>
11
12 #define VERIFY_READ     0
13 #define VERIFY_WRITE    1
14
15 /*
16  * The fs value determines whether argument validity checking should be
17  * performed or not.  If get_fs() == USER_DS, checking is performed, with
18  * get_fs() == KERNEL_DS, checking is bypassed.
19  *
20  * For historical reasons, these macros are grossly misnamed.
21  *
22  * The fs/ds values are now the highest legal address in the "segment".
23  * This simplifies the checking in the routines below.
24  */
25
26 #define MAKE_MM_SEG(s)  ((mm_segment_t) { (s) })
27
28 #define KERNEL_DS       MAKE_MM_SEG(~0UL)
29 #ifdef __powerpc64__
30 /* We use TASK_SIZE_USER64 as TASK_SIZE is not constant */
31 #define USER_DS         MAKE_MM_SEG(TASK_SIZE_USER64 - 1)
32 #else
33 #define USER_DS         MAKE_MM_SEG(TASK_SIZE - 1)
34 #endif
35
36 #define get_ds()        (KERNEL_DS)
37 #define get_fs()        (current->thread.fs)
38 #define set_fs(val)     (current->thread.fs = (val))
39
40 #define segment_eq(a, b)        ((a).seg == (b).seg)
41
42 #ifdef __powerpc64__
43 /*
44  * This check is sufficient because there is a large enough
45  * gap between user addresses and the kernel addresses
46  */
47 #define __access_ok(addr, size, segment)        \
48         (((addr) <= (segment).seg) && ((size) <= (segment).seg))
49
50 #else
51
52 #define __access_ok(addr, size, segment)        \
53         (((addr) <= (segment).seg) &&           \
54          (((size) == 0) || (((size) - 1) <= ((segment).seg - (addr)))))
55
56 #endif
57
58 #define access_ok(type, addr, size)             \
59         (__chk_user_ptr(addr),                  \
60          __access_ok((__force unsigned long)(addr), (size), get_fs()))
61
62 /*
63  * The exception table consists of pairs of addresses: the first is the
64  * address of an instruction that is allowed to fault, and the second is
65  * the address at which the program should continue.  No registers are
66  * modified, so it is entirely up to the continuation code to figure out
67  * what to do.
68  *
69  * All the routines below use bits of fixup code that are out of line
70  * with the main instruction path.  This means when everything is well,
71  * we don't even have to jump over them.  Further, they do not intrude
72  * on our cache or tlb entries.
73  */
74
75 struct exception_table_entry {
76         unsigned long insn;
77         unsigned long fixup;
78 };
79
80 /*
81  * These are the main single-value transfer routines.  They automatically
82  * use the right size if we just have the right pointer type.
83  *
84  * This gets kind of ugly. We want to return _two_ values in "get_user()"
85  * and yet we don't want to do any pointers, because that is too much
86  * of a performance impact. Thus we have a few rather ugly macros here,
87  * and hide all the ugliness from the user.
88  *
89  * The "__xxx" versions of the user access functions are versions that
90  * do not verify the address space, that must have been done previously
91  * with a separate "access_ok()" call (this is used when we do multiple
92  * accesses to the same area of user memory).
93  *
94  * As we use the same address space for kernel and user data on the
95  * PowerPC, we can just do these as direct assignments.  (Of course, the
96  * exception handling means that it's no longer "just"...)
97  *
98  * The "user64" versions of the user access functions are versions that
99  * allow access of 64-bit data. The "get_user" functions do not
100  * properly handle 64-bit data because the value gets down cast to a long.
101  * The "put_user" functions already handle 64-bit data properly but we add
102  * "user64" versions for completeness
103  */
104 #define get_user(x, ptr) \
105         __get_user_check((x), (ptr), sizeof(*(ptr)))
106 #define put_user(x, ptr) \
107         __put_user_check((__typeof__(*(ptr)))(x), (ptr), sizeof(*(ptr)))
108
109 #define __get_user(x, ptr) \
110         __get_user_nocheck((x), (ptr), sizeof(*(ptr)))
111 #define __put_user(x, ptr) \
112         __put_user_nocheck((__typeof__(*(ptr)))(x), (ptr), sizeof(*(ptr)))
113
114 #ifndef __powerpc64__
115 #define __get_user64(x, ptr) \
116         __get_user64_nocheck((x), (ptr), sizeof(*(ptr)))
117 #define __put_user64(x, ptr) __put_user(x, ptr)
118 #endif
119
120 #define __get_user_inatomic(x, ptr) \
121         __get_user_nosleep((x), (ptr), sizeof(*(ptr)))
122 #define __put_user_inatomic(x, ptr) \
123         __put_user_nosleep((__typeof__(*(ptr)))(x), (ptr), sizeof(*(ptr)))
124
125 #define __get_user_unaligned __get_user
126 #define __put_user_unaligned __put_user
127
128 extern long __put_user_bad(void);
129
130 /*
131  * We don't tell gcc that we are accessing memory, but this is OK
132  * because we do not write to any memory gcc knows about, so there
133  * are no aliasing issues.
134  */
135 #define __put_user_asm(x, addr, err, op)                        \
136         __asm__ __volatile__(                                   \
137                 "1:     " op " %1,0(%2) # put_user\n"           \
138                 "2:\n"                                          \
139                 ".section .fixup,\"ax\"\n"                      \
140                 "3:     li %0,%3\n"                             \
141                 "       b 2b\n"                                 \
142                 ".previous\n"                                   \
143                 ".section __ex_table,\"a\"\n"                   \
144                 "       .balign %5\n"                           \
145                         PPC_LONG "1b,3b\n"                      \
146                 ".previous"                                     \
147                 : "=r" (err)                                    \
148                 : "r" (x), "b" (addr), "i" (-EFAULT), "0" (err),\
149                   "i"(sizeof(unsigned long)))
150
151 #ifdef __powerpc64__
152 #define __put_user_asm2(x, ptr, retval)                         \
153           __put_user_asm(x, ptr, retval, "std")
154 #else /* __powerpc64__ */
155 #define __put_user_asm2(x, addr, err)                           \
156         __asm__ __volatile__(                                   \
157                 "1:     stw %1,0(%2)\n"                         \
158                 "2:     stw %1+1,4(%2)\n"                       \
159                 "3:\n"                                          \
160                 ".section .fixup,\"ax\"\n"                      \
161                 "4:     li %0,%3\n"                             \
162                 "       b 3b\n"                                 \
163                 ".previous\n"                                   \
164                 ".section __ex_table,\"a\"\n"                   \
165                 "       .balign %5\n"                           \
166                         PPC_LONG "1b,4b\n"                      \
167                         PPC_LONG "2b,4b\n"                      \
168                 ".previous"                                     \
169                 : "=r" (err)                                    \
170                 : "r" (x), "b" (addr), "i" (-EFAULT), "0" (err),\
171                   "i"(sizeof(unsigned long)))
172 #endif /* __powerpc64__ */
173
174 #define __put_user_size(x, ptr, size, retval)                   \
175 do {                                                            \
176         retval = 0;                                             \
177         switch (size) {                                         \
178           case 1: __put_user_asm(x, ptr, retval, "stb"); break; \
179           case 2: __put_user_asm(x, ptr, retval, "sth"); break; \
180           case 4: __put_user_asm(x, ptr, retval, "stw"); break; \
181           case 8: __put_user_asm2(x, ptr, retval); break;       \
182           default: __put_user_bad();                            \
183         }                                                       \
184 } while (0)
185
186 #define __put_user_nocheck(x, ptr, size)                        \
187 ({                                                              \
188         long __pu_err;                                          \
189         __typeof__(*(ptr)) __user *__pu_addr = (ptr);           \
190         if (!is_kernel_addr((unsigned long)__pu_addr))          \
191                 might_sleep();                                  \
192         __chk_user_ptr(ptr);                                    \
193         __put_user_size((x), __pu_addr, (size), __pu_err);      \
194         __pu_err;                                               \
195 })
196
197 #define __put_user_check(x, ptr, size)                                  \
198 ({                                                                      \
199         long __pu_err = -EFAULT;                                        \
200         __typeof__(*(ptr)) __user *__pu_addr = (ptr);                   \
201         might_sleep();                                                  \
202         if (access_ok(VERIFY_WRITE, __pu_addr, size))                   \
203                 __put_user_size((x), __pu_addr, (size), __pu_err);      \
204         __pu_err;                                                       \
205 })
206
207 #define __put_user_nosleep(x, ptr, size)                        \
208 ({                                                              \
209         long __pu_err;                                          \
210         __typeof__(*(ptr)) __user *__pu_addr = (ptr);           \
211         __chk_user_ptr(ptr);                                    \
212         __put_user_size((x), __pu_addr, (size), __pu_err);      \
213         __pu_err;                                               \
214 })
215
216
217 extern long __get_user_bad(void);
218
219 #define __get_user_asm(x, addr, err, op)                \
220         __asm__ __volatile__(                           \
221                 "1:     "op" %1,0(%2)   # get_user\n"   \
222                 "2:\n"                                  \
223                 ".section .fixup,\"ax\"\n"              \
224                 "3:     li %0,%3\n"                     \
225                 "       li %1,0\n"                      \
226                 "       b 2b\n"                         \
227                 ".previous\n"                           \
228                 ".section __ex_table,\"a\"\n"           \
229                 "       .balign %5\n"                   \
230                         PPC_LONG "1b,3b\n"              \
231                 ".previous"                             \
232                 : "=r" (err), "=r" (x)                  \
233                 : "b" (addr), "i" (-EFAULT), "0" (err), \
234                   "i"(sizeof(unsigned long)))
235
236 #ifdef __powerpc64__
237 #define __get_user_asm2(x, addr, err)                   \
238         __get_user_asm(x, addr, err, "ld")
239 #else /* __powerpc64__ */
240 #define __get_user_asm2(x, addr, err)                   \
241         __asm__ __volatile__(                           \
242                 "1:     lwz %1,0(%2)\n"                 \
243                 "2:     lwz %1+1,4(%2)\n"               \
244                 "3:\n"                                  \
245                 ".section .fixup,\"ax\"\n"              \
246                 "4:     li %0,%3\n"                     \
247                 "       li %1,0\n"                      \
248                 "       li %1+1,0\n"                    \
249                 "       b 3b\n"                         \
250                 ".previous\n"                           \
251                 ".section __ex_table,\"a\"\n"           \
252                 "       .balign %5\n"                   \
253                         PPC_LONG "1b,4b\n"              \
254                         PPC_LONG "2b,4b\n"              \
255                 ".previous"                             \
256                 : "=r" (err), "=&r" (x)                 \
257                 : "b" (addr), "i" (-EFAULT), "0" (err), \
258                   "i"(sizeof(unsigned long)))
259 #endif /* __powerpc64__ */
260
261 #define __get_user_size(x, ptr, size, retval)                   \
262 do {                                                            \
263         retval = 0;                                             \
264         __chk_user_ptr(ptr);                                    \
265         if (size > sizeof(x))                                   \
266                 (x) = __get_user_bad();                         \
267         switch (size) {                                         \
268         case 1: __get_user_asm(x, ptr, retval, "lbz"); break;   \
269         case 2: __get_user_asm(x, ptr, retval, "lhz"); break;   \
270         case 4: __get_user_asm(x, ptr, retval, "lwz"); break;   \
271         case 8: __get_user_asm2(x, ptr, retval);  break;        \
272         default: (x) = __get_user_bad();                        \
273         }                                                       \
274 } while (0)
275
276 #define __get_user_nocheck(x, ptr, size)                        \
277 ({                                                              \
278         long __gu_err;                                          \
279         unsigned long __gu_val;                                 \
280         const __typeof__(*(ptr)) __user *__gu_addr = (ptr);     \
281         __chk_user_ptr(ptr);                                    \
282         if (!is_kernel_addr((unsigned long)__gu_addr))          \
283                 might_sleep();                                  \
284         __get_user_size(__gu_val, __gu_addr, (size), __gu_err); \
285         (x) = (__typeof__(*(ptr)))__gu_val;                     \
286         __gu_err;                                               \
287 })
288
289 #ifndef __powerpc64__
290 #define __get_user64_nocheck(x, ptr, size)                      \
291 ({                                                              \
292         long __gu_err;                                          \
293         long long __gu_val;                                     \
294         const __typeof__(*(ptr)) __user *__gu_addr = (ptr);     \
295         __chk_user_ptr(ptr);                                    \
296         if (!is_kernel_addr((unsigned long)__gu_addr))          \
297                 might_sleep();                                  \
298         __get_user_size(__gu_val, __gu_addr, (size), __gu_err); \
299         (x) = (__typeof__(*(ptr)))__gu_val;                     \
300         __gu_err;                                               \
301 })
302 #endif /* __powerpc64__ */
303
304 #define __get_user_check(x, ptr, size)                                  \
305 ({                                                                      \
306         long __gu_err = -EFAULT;                                        \
307         unsigned long  __gu_val = 0;                                    \
308         const __typeof__(*(ptr)) __user *__gu_addr = (ptr);             \
309         might_sleep();                                                  \
310         if (access_ok(VERIFY_READ, __gu_addr, (size)))                  \
311                 __get_user_size(__gu_val, __gu_addr, (size), __gu_err); \
312         (x) = (__typeof__(*(ptr)))__gu_val;                             \
313         __gu_err;                                                       \
314 })
315
316 #define __get_user_nosleep(x, ptr, size)                        \
317 ({                                                              \
318         long __gu_err;                                          \
319         unsigned long __gu_val;                                 \
320         const __typeof__(*(ptr)) __user *__gu_addr = (ptr);     \
321         __chk_user_ptr(ptr);                                    \
322         __get_user_size(__gu_val, __gu_addr, (size), __gu_err); \
323         (x) = (__typeof__(*(ptr)))__gu_val;                     \
324         __gu_err;                                               \
325 })
326
327
328 /* more complex routines */
329
330 extern unsigned long __copy_tofrom_user(void __user *to,
331                 const void __user *from, unsigned long size);
332
333 #ifndef __powerpc64__
334
335 static inline unsigned long copy_from_user(void *to,
336                 const void __user *from, unsigned long n)
337 {
338         unsigned long over;
339
340         if (access_ok(VERIFY_READ, from, n))
341                 return __copy_tofrom_user((__force void __user *)to, from, n);
342         if ((unsigned long)from < TASK_SIZE) {
343                 over = (unsigned long)from + n - TASK_SIZE;
344                 return __copy_tofrom_user((__force void __user *)to, from,
345                                 n - over) + over;
346         }
347         return n;
348 }
349
350 static inline unsigned long copy_to_user(void __user *to,
351                 const void *from, unsigned long n)
352 {
353         unsigned long over;
354
355         if (access_ok(VERIFY_WRITE, to, n))
356                 return __copy_tofrom_user(to, (__force void __user *)from, n);
357         if ((unsigned long)to < TASK_SIZE) {
358                 over = (unsigned long)to + n - TASK_SIZE;
359                 return __copy_tofrom_user(to, (__force void __user *)from,
360                                 n - over) + over;
361         }
362         return n;
363 }
364
365 #else /* __powerpc64__ */
366
367 #define __copy_in_user(to, from, size) \
368         __copy_tofrom_user((to), (from), (size))
369
370 extern unsigned long copy_from_user(void *to, const void __user *from,
371                                     unsigned long n);
372 extern unsigned long copy_to_user(void __user *to, const void *from,
373                                   unsigned long n);
374 extern unsigned long copy_in_user(void __user *to, const void __user *from,
375                                   unsigned long n);
376
377 #endif /* __powerpc64__ */
378
379 static inline unsigned long __copy_from_user_inatomic(void *to,
380                 const void __user *from, unsigned long n)
381 {
382         if (__builtin_constant_p(n) && (n <= 8)) {
383                 unsigned long ret;
384
385                 switch (n) {
386                 case 1:
387                         __get_user_size(*(u8 *)to, from, 1, ret);
388                         break;
389                 case 2:
390                         __get_user_size(*(u16 *)to, from, 2, ret);
391                         break;
392                 case 4:
393                         __get_user_size(*(u32 *)to, from, 4, ret);
394                         break;
395                 case 8:
396                         __get_user_size(*(u64 *)to, from, 8, ret);
397                         break;
398                 }
399                 if (ret == 0)
400                         return 0;
401         }
402         return __copy_tofrom_user((__force void __user *)to, from, n);
403 }
404
405 static inline unsigned long __copy_to_user_inatomic(void __user *to,
406                 const void *from, unsigned long n)
407 {
408         if (__builtin_constant_p(n) && (n <= 8)) {
409                 unsigned long ret;
410
411                 switch (n) {
412                 case 1:
413                         __put_user_size(*(u8 *)from, (u8 __user *)to, 1, ret);
414                         break;
415                 case 2:
416                         __put_user_size(*(u16 *)from, (u16 __user *)to, 2, ret);
417                         break;
418                 case 4:
419                         __put_user_size(*(u32 *)from, (u32 __user *)to, 4, ret);
420                         break;
421                 case 8:
422                         __put_user_size(*(u64 *)from, (u64 __user *)to, 8, ret);
423                         break;
424                 }
425                 if (ret == 0)
426                         return 0;
427         }
428         return __copy_tofrom_user(to, (__force const void __user *)from, n);
429 }
430
431 static inline unsigned long __copy_from_user(void *to,
432                 const void __user *from, unsigned long size)
433 {
434         might_sleep();
435         return __copy_from_user_inatomic(to, from, size);
436 }
437
438 static inline unsigned long __copy_to_user(void __user *to,
439                 const void *from, unsigned long size)
440 {
441         might_sleep();
442         return __copy_to_user_inatomic(to, from, size);
443 }
444
445 extern unsigned long __clear_user(void __user *addr, unsigned long size);
446
447 static inline unsigned long clear_user(void __user *addr, unsigned long size)
448 {
449         might_sleep();
450         if (likely(access_ok(VERIFY_WRITE, addr, size)))
451                 return __clear_user(addr, size);
452         if ((unsigned long)addr < TASK_SIZE) {
453                 unsigned long over = (unsigned long)addr + size - TASK_SIZE;
454                 return __clear_user(addr, size - over) + over;
455         }
456         return size;
457 }
458
459 extern int __strncpy_from_user(char *dst, const char __user *src, long count);
460
461 static inline long strncpy_from_user(char *dst, const char __user *src,
462                 long count)
463 {
464         might_sleep();
465         if (likely(access_ok(VERIFY_READ, src, 1)))
466                 return __strncpy_from_user(dst, src, count);
467         return -EFAULT;
468 }
469
470 /*
471  * Return the size of a string (including the ending 0)
472  *
473  * Return 0 for error
474  */
475 extern int __strnlen_user(const char __user *str, long len, unsigned long top);
476
477 /*
478  * Returns the length of the string at str (including the null byte),
479  * or 0 if we hit a page we can't access,
480  * or something > len if we didn't find a null byte.
481  *
482  * The `top' parameter to __strnlen_user is to make sure that
483  * we can never overflow from the user area into kernel space.
484  */
485 static inline int strnlen_user(const char __user *str, long len)
486 {
487         unsigned long top = current->thread.fs.seg;
488
489         if ((unsigned long)str > top)
490                 return 0;
491         return __strnlen_user(str, len, top);
492 }
493
494 #define strlen_user(str)        strnlen_user((str), 0x7ffffffe)
495
496 #endif  /* __ASSEMBLY__ */
497 #endif /* __KERNEL__ */
498
499 #endif  /* _ARCH_POWERPC_UACCESS_H */