Merge branch 'master' of /usr/src/ntfs-2.6/
[linux-2.6] / arch / um / sys-i386 / ldt.c
1 /*
2  * Copyright (C) 2001, 2002 Jeff Dike (jdike@karaya.com)
3  * Licensed under the GPL
4  */
5
6 #include "linux/stddef.h"
7 #include "linux/config.h"
8 #include "linux/sched.h"
9 #include "linux/slab.h"
10 #include "linux/types.h"
11 #include "linux/errno.h"
12 #include "asm/uaccess.h"
13 #include "asm/smp.h"
14 #include "asm/ldt.h"
15 #include "asm/unistd.h"
16 #include "choose-mode.h"
17 #include "kern.h"
18 #include "mode_kern.h"
19 #include "proc_mm.h"
20 #include "os.h"
21
22 extern int modify_ldt(int func, void *ptr, unsigned long bytecount);
23
24 #ifdef CONFIG_MODE_TT
25
26 static long do_modify_ldt_tt(int func, void __user *ptr,
27                               unsigned long bytecount)
28 {
29         struct user_desc info;
30         int res = 0;
31         void *buf = NULL;
32         void *p = NULL; /* What we pass to host. */
33
34         switch(func){
35         case 1:
36         case 0x11: /* write_ldt */
37                 /* Do this check now to avoid overflows. */
38                 if (bytecount != sizeof(struct user_desc)) {
39                         res = -EINVAL;
40                         goto out;
41                 }
42
43                 if(copy_from_user(&info, ptr, sizeof(info))) {
44                         res = -EFAULT;
45                         goto out;
46                 }
47
48                 p = &info;
49                 break;
50         case 0:
51         case 2: /* read_ldt */
52
53                 /* The use of info avoids kmalloc on the write case, not on the
54                  * read one. */
55                 buf = kmalloc(bytecount, GFP_KERNEL);
56                 if (!buf) {
57                         res = -ENOMEM;
58                         goto out;
59                 }
60                 p = buf;
61                 break;
62         default:
63                 res = -ENOSYS;
64                 goto out;
65         }
66
67         res = modify_ldt(func, p, bytecount);
68         if(res < 0)
69                 goto out;
70
71         switch(func){
72         case 0:
73         case 2:
74                 /* Modify_ldt was for reading and returned the number of read
75                  * bytes.*/
76                 if(copy_to_user(ptr, p, res))
77                         res = -EFAULT;
78                 break;
79         }
80
81 out:
82         kfree(buf);
83         return res;
84 }
85
86 #endif
87
88 #ifdef CONFIG_MODE_SKAS
89
90 #include "skas.h"
91 #include "skas_ptrace.h"
92 #include "asm/mmu_context.h"
93
94 long write_ldt_entry(struct mm_id * mm_idp, int func, struct user_desc * desc,
95                      void **addr, int done)
96 {
97         long res;
98
99         if(proc_mm){
100                 /* This is a special handling for the case, that the mm to
101                  * modify isn't current->active_mm.
102                  * If this is called directly by modify_ldt,
103                  *     (current->active_mm->context.skas.u == mm_idp)
104                  * will be true. So no call to switch_mm_skas(mm_idp) is done.
105                  * If this is called in case of init_new_ldt or PTRACE_LDT,
106                  * mm_idp won't belong to current->active_mm, but child->mm.
107                  * So we need to switch child's mm into our userspace, then
108                  * later switch back.
109                  *
110                  * Note: I'm unshure: should interrupts be disabled here?
111                  */
112                 if(!current->active_mm || current->active_mm == &init_mm ||
113                    mm_idp != &current->active_mm->context.skas.id)
114                         switch_mm_skas(mm_idp);
115         }
116
117         if(ptrace_ldt) {
118                 struct ptrace_ldt ldt_op = (struct ptrace_ldt) {
119                         .func = func,
120                         .ptr = desc,
121                         .bytecount = sizeof(*desc)};
122                 u32 cpu;
123                 int pid;
124
125                 if(!proc_mm)
126                         pid = mm_idp->u.pid;
127                 else {
128                         cpu = get_cpu();
129                         pid = userspace_pid[cpu];
130                 }
131
132                 res = ptrace(PTRACE_LDT, pid, 0, (unsigned long) &ldt_op);
133                 if(res)
134                         res = errno;
135
136                 if(proc_mm)
137                         put_cpu();
138         }
139         else {
140                 void *stub_addr;
141                 res = syscall_stub_data(mm_idp, (unsigned long *)desc,
142                                         (sizeof(*desc) + sizeof(long) - 1) &
143                                             ~(sizeof(long) - 1),
144                                         addr, &stub_addr);
145                 if(!res){
146                         unsigned long args[] = { func,
147                                                  (unsigned long)stub_addr,
148                                                  sizeof(*desc),
149                                                  0, 0, 0 };
150                         res = run_syscall_stub(mm_idp, __NR_modify_ldt, args,
151                                                0, addr, done);
152                 }
153         }
154
155         if(proc_mm){
156                 /* This is the second part of special handling, that makes
157                  * PTRACE_LDT possible to implement.
158                  */
159                 if(current->active_mm && current->active_mm != &init_mm &&
160                    mm_idp != &current->active_mm->context.skas.id)
161                         switch_mm_skas(&current->active_mm->context.skas.id);
162         }
163
164         return res;
165 }
166
167 static long read_ldt_from_host(void __user * ptr, unsigned long bytecount)
168 {
169         int res, n;
170         struct ptrace_ldt ptrace_ldt = (struct ptrace_ldt) {
171                         .func = 0,
172                         .bytecount = bytecount,
173                         .ptr = (void *)kmalloc(bytecount, GFP_KERNEL)};
174         u32 cpu;
175
176         if(ptrace_ldt.ptr == NULL)
177                 return -ENOMEM;
178
179         /* This is called from sys_modify_ldt only, so userspace_pid gives
180          * us the right number
181          */
182
183         cpu = get_cpu();
184         res = ptrace(PTRACE_LDT, userspace_pid[cpu], 0,
185                      (unsigned long) &ptrace_ldt);
186         put_cpu();
187         if(res < 0)
188                 goto out;
189
190         n = copy_to_user(ptr, ptrace_ldt.ptr, res);
191         if(n != 0)
192                 res = -EFAULT;
193
194   out:
195         kfree(ptrace_ldt.ptr);
196
197         return res;
198 }
199
200 /*
201  * In skas mode, we hold our own ldt data in UML.
202  * Thus, the code implementing sys_modify_ldt_skas
203  * is very similar to (and mostly stolen from) sys_modify_ldt
204  * for arch/i386/kernel/ldt.c
205  * The routines copied and modified in part are:
206  * - read_ldt
207  * - read_default_ldt
208  * - write_ldt
209  * - sys_modify_ldt_skas
210  */
211
212 static int read_ldt(void __user * ptr, unsigned long bytecount)
213 {
214         int i, err = 0;
215         unsigned long size;
216         uml_ldt_t * ldt = &current->mm->context.skas.ldt;
217
218         if(!ldt->entry_count)
219                 goto out;
220         if(bytecount > LDT_ENTRY_SIZE*LDT_ENTRIES)
221                 bytecount = LDT_ENTRY_SIZE*LDT_ENTRIES;
222         err = bytecount;
223
224         if(ptrace_ldt){
225                 return read_ldt_from_host(ptr, bytecount);
226         }
227
228         down(&ldt->semaphore);
229         if(ldt->entry_count <= LDT_DIRECT_ENTRIES){
230                 size = LDT_ENTRY_SIZE*LDT_DIRECT_ENTRIES;
231                 if(size > bytecount)
232                         size = bytecount;
233                 if(copy_to_user(ptr, ldt->u.entries, size))
234                         err = -EFAULT;
235                 bytecount -= size;
236                 ptr += size;
237         }
238         else {
239                 for(i=0; i<ldt->entry_count/LDT_ENTRIES_PER_PAGE && bytecount;
240                          i++){
241                         size = PAGE_SIZE;
242                         if(size > bytecount)
243                                 size = bytecount;
244                         if(copy_to_user(ptr, ldt->u.pages[i], size)){
245                                 err = -EFAULT;
246                                 break;
247                         }
248                         bytecount -= size;
249                         ptr += size;
250                 }
251         }
252         up(&ldt->semaphore);
253
254         if(bytecount == 0 || err == -EFAULT)
255                 goto out;
256
257         if(clear_user(ptr, bytecount))
258                 err = -EFAULT;
259
260 out:
261         return err;
262 }
263
264 static int read_default_ldt(void __user * ptr, unsigned long bytecount)
265 {
266         int err;
267
268         if(bytecount > 5*LDT_ENTRY_SIZE)
269                 bytecount = 5*LDT_ENTRY_SIZE;
270
271         err = bytecount;
272         /* UML doesn't support lcall7 and lcall27.
273          * So, we don't really have a default ldt, but emulate
274          * an empty ldt of common host default ldt size.
275          */
276         if(clear_user(ptr, bytecount))
277                 err = -EFAULT;
278
279         return err;
280 }
281
282 static int write_ldt(void __user * ptr, unsigned long bytecount, int func)
283 {
284         uml_ldt_t * ldt = &current->mm->context.skas.ldt;
285         struct mm_id * mm_idp = &current->mm->context.skas.id;
286         int i, err;
287         struct user_desc ldt_info;
288         struct ldt_entry entry0, *ldt_p;
289         void *addr = NULL;
290
291         err = -EINVAL;
292         if(bytecount != sizeof(ldt_info))
293                 goto out;
294         err = -EFAULT;
295         if(copy_from_user(&ldt_info, ptr, sizeof(ldt_info)))
296                 goto out;
297
298         err = -EINVAL;
299         if(ldt_info.entry_number >= LDT_ENTRIES)
300                 goto out;
301         if(ldt_info.contents == 3){
302                 if (func == 1)
303                         goto out;
304                 if (ldt_info.seg_not_present == 0)
305                         goto out;
306         }
307
308         if(!ptrace_ldt)
309                 down(&ldt->semaphore);
310
311         err = write_ldt_entry(mm_idp, func, &ldt_info, &addr, 1);
312         if(err)
313                 goto out_unlock;
314         else if(ptrace_ldt) {
315         /* With PTRACE_LDT available, this is used as a flag only */
316                 ldt->entry_count = 1;
317                 goto out;
318         }
319
320         if(ldt_info.entry_number >= ldt->entry_count &&
321            ldt_info.entry_number >= LDT_DIRECT_ENTRIES){
322                 for(i=ldt->entry_count/LDT_ENTRIES_PER_PAGE;
323                     i*LDT_ENTRIES_PER_PAGE <= ldt_info.entry_number;
324                     i++){
325                         if(i == 0)
326                                 memcpy(&entry0, ldt->u.entries,
327                                        sizeof(entry0));
328                         ldt->u.pages[i] = (struct ldt_entry *)
329                                 __get_free_page(GFP_KERNEL|__GFP_ZERO);
330                         if(!ldt->u.pages[i]){
331                                 err = -ENOMEM;
332                                 /* Undo the change in host */
333                                 memset(&ldt_info, 0, sizeof(ldt_info));
334                                 write_ldt_entry(mm_idp, 1, &ldt_info, &addr, 1);
335                                 goto out_unlock;
336                         }
337                         if(i == 0) {
338                                 memcpy(ldt->u.pages[0], &entry0,
339                                        sizeof(entry0));
340                                 memcpy(ldt->u.pages[0]+1, ldt->u.entries+1,
341                                        sizeof(entry0)*(LDT_DIRECT_ENTRIES-1));
342                         }
343                         ldt->entry_count = (i + 1) * LDT_ENTRIES_PER_PAGE;
344                 }
345         }
346         if(ldt->entry_count <= ldt_info.entry_number)
347                 ldt->entry_count = ldt_info.entry_number + 1;
348
349         if(ldt->entry_count <= LDT_DIRECT_ENTRIES)
350                 ldt_p = ldt->u.entries + ldt_info.entry_number;
351         else
352                 ldt_p = ldt->u.pages[ldt_info.entry_number/LDT_ENTRIES_PER_PAGE] +
353                         ldt_info.entry_number%LDT_ENTRIES_PER_PAGE;
354
355         if(ldt_info.base_addr == 0 && ldt_info.limit == 0 &&
356            (func == 1 || LDT_empty(&ldt_info))){
357                 ldt_p->a = 0;
358                 ldt_p->b = 0;
359         }
360         else{
361                 if (func == 1)
362                         ldt_info.useable = 0;
363                 ldt_p->a = LDT_entry_a(&ldt_info);
364                 ldt_p->b = LDT_entry_b(&ldt_info);
365         }
366         err = 0;
367
368 out_unlock:
369         up(&ldt->semaphore);
370 out:
371         return err;
372 }
373
374 static long do_modify_ldt_skas(int func, void __user *ptr,
375                                unsigned long bytecount)
376 {
377         int ret = -ENOSYS;
378
379         switch (func) {
380                 case 0:
381                         ret = read_ldt(ptr, bytecount);
382                         break;
383                 case 1:
384                 case 0x11:
385                         ret = write_ldt(ptr, bytecount, func);
386                         break;
387                 case 2:
388                         ret = read_default_ldt(ptr, bytecount);
389                         break;
390         }
391         return ret;
392 }
393
394 short dummy_list[9] = {0, -1};
395 short * host_ldt_entries = NULL;
396
397 void ldt_get_host_info(void)
398 {
399         long ret;
400         struct ldt_entry * ldt;
401         int i, size, k, order;
402
403         host_ldt_entries = dummy_list+1;
404
405         for(i = LDT_PAGES_MAX-1, order=0; i; i>>=1, order++);
406
407         ldt = (struct ldt_entry *)
408               __get_free_pages(GFP_KERNEL|__GFP_ZERO, order);
409         if(ldt == NULL) {
410                 printk("ldt_get_host_info: couldn't allocate buffer for host ldt\n");
411                 return;
412         }
413
414         ret = modify_ldt(0, ldt, (1<<order)*PAGE_SIZE);
415         if(ret < 0) {
416                 printk("ldt_get_host_info: couldn't read host ldt\n");
417                 goto out_free;
418         }
419         if(ret == 0) {
420                 /* default_ldt is active, simply write an empty entry 0 */
421                 host_ldt_entries = dummy_list;
422                 goto out_free;
423         }
424
425         for(i=0, size=0; i<ret/LDT_ENTRY_SIZE; i++){
426                 if(ldt[i].a != 0 || ldt[i].b != 0)
427                         size++;
428         }
429
430         if(size < sizeof(dummy_list)/sizeof(dummy_list[0])) {
431                 host_ldt_entries = dummy_list;
432         }
433         else {
434                 size = (size + 1) * sizeof(dummy_list[0]);
435                 host_ldt_entries = (short *)kmalloc(size, GFP_KERNEL);
436                 if(host_ldt_entries == NULL) {
437                         printk("ldt_get_host_info: couldn't allocate host ldt list\n");
438                         goto out_free;
439                 }
440         }
441
442         for(i=0, k=0; i<ret/LDT_ENTRY_SIZE; i++){
443                 if(ldt[i].a != 0 || ldt[i].b != 0) {
444                         host_ldt_entries[k++] = i;
445                 }
446         }
447         host_ldt_entries[k] = -1;
448
449 out_free:
450         free_pages((unsigned long)ldt, order);
451 }
452
453 long init_new_ldt(struct mmu_context_skas * new_mm,
454                   struct mmu_context_skas * from_mm)
455 {
456         struct user_desc desc;
457         short * num_p;
458         int i;
459         long page, err=0;
460         void *addr = NULL;
461         struct proc_mm_op copy;
462
463
464         if(!ptrace_ldt)
465                 init_MUTEX(&new_mm->ldt.semaphore);
466
467         if(!from_mm){
468                 memset(&desc, 0, sizeof(desc));
469                 /*
470                  * We have to initialize a clean ldt.
471                  */
472                 if(proc_mm) {
473                         /*
474                          * If the new mm was created using proc_mm, host's
475                          * default-ldt currently is assigned, which normally
476                          * contains the call-gates for lcall7 and lcall27.
477                          * To remove these gates, we simply write an empty
478                          * entry as number 0 to the host.
479                          */
480                         err = write_ldt_entry(&new_mm->id, 1, &desc,
481                                               &addr, 1);
482                 }
483                 else{
484                         /*
485                          * Now we try to retrieve info about the ldt, we
486                          * inherited from the host. All ldt-entries found
487                          * will be reset in the following loop
488                          */
489                         if(host_ldt_entries == NULL)
490                                 ldt_get_host_info();
491                         for(num_p=host_ldt_entries; *num_p != -1; num_p++){
492                                 desc.entry_number = *num_p;
493                                 err = write_ldt_entry(&new_mm->id, 1, &desc,
494                                                       &addr, *(num_p + 1) == -1);
495                                 if(err)
496                                         break;
497                         }
498                 }
499                 new_mm->ldt.entry_count = 0;
500
501                 goto out;
502         }
503
504         if(proc_mm){
505                 /* We have a valid from_mm, so we now have to copy the LDT of
506                  * from_mm to new_mm, because using proc_mm an new mm with
507                  * an empty/default LDT was created in new_mm()
508                  */
509                 copy = ((struct proc_mm_op) { .op       = MM_COPY_SEGMENTS,
510                                               .u        =
511                                               { .copy_segments =
512                                                         from_mm->id.u.mm_fd } } );
513                 i = os_write_file(new_mm->id.u.mm_fd, &copy, sizeof(copy));
514                 if(i != sizeof(copy))
515                         printk("new_mm : /proc/mm copy_segments failed, "
516                                "err = %d\n", -i);
517         }
518
519         if(!ptrace_ldt) {
520                 /* Our local LDT is used to supply the data for
521                  * modify_ldt(READLDT), if PTRACE_LDT isn't available,
522                  * i.e., we have to use the stub for modify_ldt, which
523                  * can't handle the big read buffer of up to 64kB.
524                  */
525                 down(&from_mm->ldt.semaphore);
526                 if(from_mm->ldt.entry_count <= LDT_DIRECT_ENTRIES){
527                         memcpy(new_mm->ldt.u.entries, from_mm->ldt.u.entries,
528                                sizeof(new_mm->ldt.u.entries));
529                 }
530                 else{
531                         i = from_mm->ldt.entry_count / LDT_ENTRIES_PER_PAGE;
532                         while(i-->0){
533                                 page = __get_free_page(GFP_KERNEL|__GFP_ZERO);
534                                 if (!page){
535                                         err = -ENOMEM;
536                                         break;
537                                 }
538                                 new_mm->ldt.u.pages[i] =
539                                         (struct ldt_entry *) page;
540                                 memcpy(new_mm->ldt.u.pages[i],
541                                        from_mm->ldt.u.pages[i], PAGE_SIZE);
542                         }
543                 }
544                 new_mm->ldt.entry_count = from_mm->ldt.entry_count;
545                 up(&from_mm->ldt.semaphore);
546         }
547
548     out:
549         return err;
550 }
551
552
553 void free_ldt(struct mmu_context_skas * mm)
554 {
555         int i;
556
557         if(!ptrace_ldt && mm->ldt.entry_count > LDT_DIRECT_ENTRIES){
558                 i = mm->ldt.entry_count / LDT_ENTRIES_PER_PAGE;
559                 while(i-- > 0){
560                         free_page((long )mm->ldt.u.pages[i]);
561                 }
562         }
563         mm->ldt.entry_count = 0;
564 }
565 #endif
566
567 int sys_modify_ldt(int func, void __user *ptr, unsigned long bytecount)
568 {
569         return(CHOOSE_MODE_PROC(do_modify_ldt_tt, do_modify_ldt_skas, func,
570                                 ptr, bytecount));
571 }