root/arch/x86/include/asm/uaccess.h

/* [<][>][^][v][top][bottom][index][help] */

INCLUDED FROM


DEFINITIONS

This source file includes following definitions.
  1. set_fs
  2. __chk_range_not_ok
  3. user_access_begin

   1 /* SPDX-License-Identifier: GPL-2.0 */
   2 #ifndef _ASM_X86_UACCESS_H
   3 #define _ASM_X86_UACCESS_H
   4 /*
   5  * User space memory access functions
   6  */
   7 #include <linux/compiler.h>
   8 #include <linux/kasan-checks.h>
   9 #include <linux/string.h>
  10 #include <asm/asm.h>
  11 #include <asm/page.h>
  12 #include <asm/smap.h>
  13 #include <asm/extable.h>
  14 
  15 /*
  16  * The fs value determines whether argument validity checking should be
  17  * performed or not.  If get_fs() == USER_DS, checking is performed, with
  18  * get_fs() == KERNEL_DS, checking is bypassed.
  19  *
  20  * For historical reasons, these macros are grossly misnamed.
  21  */
  22 
  23 #define MAKE_MM_SEG(s)  ((mm_segment_t) { (s) })
  24 
  25 #define KERNEL_DS       MAKE_MM_SEG(-1UL)
  26 #define USER_DS         MAKE_MM_SEG(TASK_SIZE_MAX)
  27 
  28 #define get_fs()        (current->thread.addr_limit)
  29 static inline void set_fs(mm_segment_t fs)
  30 {
  31         current->thread.addr_limit = fs;
  32         /* On user-mode return, check fs is correct */
  33         set_thread_flag(TIF_FSCHECK);
  34 }
  35 
  36 #define segment_eq(a, b)        ((a).seg == (b).seg)
  37 #define user_addr_max() (current->thread.addr_limit.seg)
  38 
  39 /*
  40  * Test whether a block of memory is a valid user space address.
  41  * Returns 0 if the range is valid, nonzero otherwise.
  42  */
  43 static inline bool __chk_range_not_ok(unsigned long addr, unsigned long size, unsigned long limit)
  44 {
  45         /*
  46          * If we have used "sizeof()" for the size,
  47          * we know it won't overflow the limit (but
  48          * it might overflow the 'addr', so it's
  49          * important to subtract the size from the
  50          * limit, not add it to the address).
  51          */
  52         if (__builtin_constant_p(size))
  53                 return unlikely(addr > limit - size);
  54 
  55         /* Arbitrary sizes? Be careful about overflow */
  56         addr += size;
  57         if (unlikely(addr < size))
  58                 return true;
  59         return unlikely(addr > limit);
  60 }
  61 
  62 #define __range_not_ok(addr, size, limit)                               \
  63 ({                                                                      \
  64         __chk_user_ptr(addr);                                           \
  65         __chk_range_not_ok((unsigned long __force)(addr), size, limit); \
  66 })
  67 
  68 #ifdef CONFIG_DEBUG_ATOMIC_SLEEP
  69 static inline bool pagefault_disabled(void);
  70 # define WARN_ON_IN_IRQ()       \
  71         WARN_ON_ONCE(!in_task() && !pagefault_disabled())
  72 #else
  73 # define WARN_ON_IN_IRQ()
  74 #endif
  75 
  76 /**
  77  * access_ok - Checks if a user space pointer is valid
  78  * @addr: User space pointer to start of block to check
  79  * @size: Size of block to check
  80  *
  81  * Context: User context only. This function may sleep if pagefaults are
  82  *          enabled.
  83  *
  84  * Checks if a pointer to a block of memory in user space is valid.
  85  *
  86  * Note that, depending on architecture, this function probably just
  87  * checks that the pointer is in the user space range - after calling
  88  * this function, memory access functions may still return -EFAULT.
  89  *
  90  * Return: true (nonzero) if the memory block may be valid, false (zero)
  91  * if it is definitely invalid.
  92  */
  93 #define access_ok(addr, size)                                   \
  94 ({                                                                      \
  95         WARN_ON_IN_IRQ();                                               \
  96         likely(!__range_not_ok(addr, size, user_addr_max()));           \
  97 })
  98 
  99 /*
 100  * These are the main single-value transfer routines.  They automatically
 101  * use the right size if we just have the right pointer type.
 102  *
 103  * This gets kind of ugly. We want to return _two_ values in "get_user()"
 104  * and yet we don't want to do any pointers, because that is too much
 105  * of a performance impact. Thus we have a few rather ugly macros here,
 106  * and hide all the ugliness from the user.
 107  *
 108  * The "__xxx" versions of the user access functions are versions that
 109  * do not verify the address space, that must have been done previously
 110  * with a separate "access_ok()" call (this is used when we do multiple
 111  * accesses to the same area of user memory).
 112  */
 113 
 114 extern int __get_user_1(void);
 115 extern int __get_user_2(void);
 116 extern int __get_user_4(void);
 117 extern int __get_user_8(void);
 118 extern int __get_user_bad(void);
 119 
 120 #define __uaccess_begin() stac()
 121 #define __uaccess_end()   clac()
 122 #define __uaccess_begin_nospec()        \
 123 ({                                      \
 124         stac();                         \
 125         barrier_nospec();               \
 126 })
 127 
 128 /*
 129  * This is a type: either unsigned long, if the argument fits into
 130  * that type, or otherwise unsigned long long.
 131  */
 132 #define __inttype(x) \
 133 __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL))
 134 
 135 /**
 136  * get_user - Get a simple variable from user space.
 137  * @x:   Variable to store result.
 138  * @ptr: Source address, in user space.
 139  *
 140  * Context: User context only. This function may sleep if pagefaults are
 141  *          enabled.
 142  *
 143  * This macro copies a single simple variable from user space to kernel
 144  * space.  It supports simple types like char and int, but not larger
 145  * data types like structures or arrays.
 146  *
 147  * @ptr must have pointer-to-simple-variable type, and the result of
 148  * dereferencing @ptr must be assignable to @x without a cast.
 149  *
 150  * Return: zero on success, or -EFAULT on error.
 151  * On error, the variable @x is set to zero.
 152  */
 153 /*
 154  * Careful: we have to cast the result to the type of the pointer
 155  * for sign reasons.
 156  *
 157  * The use of _ASM_DX as the register specifier is a bit of a
 158  * simplification, as gcc only cares about it as the starting point
 159  * and not size: for a 64-bit value it will use %ecx:%edx on 32 bits
 160  * (%ecx being the next register in gcc's x86 register sequence), and
 161  * %rdx on 64 bits.
 162  *
 163  * Clang/LLVM cares about the size of the register, but still wants
 164  * the base register for something that ends up being a pair.
 165  */
 166 #define get_user(x, ptr)                                                \
 167 ({                                                                      \
 168         int __ret_gu;                                                   \
 169         register __inttype(*(ptr)) __val_gu asm("%"_ASM_DX);            \
 170         __chk_user_ptr(ptr);                                            \
 171         might_fault();                                                  \
 172         asm volatile("call __get_user_%P4"                              \
 173                      : "=a" (__ret_gu), "=r" (__val_gu),                \
 174                         ASM_CALL_CONSTRAINT                             \
 175                      : "0" (ptr), "i" (sizeof(*(ptr))));                \
 176         (x) = (__force __typeof__(*(ptr))) __val_gu;                    \
 177         __builtin_expect(__ret_gu, 0);                                  \
 178 })
 179 
 180 #define __put_user_x(size, x, ptr, __ret_pu)                    \
 181         asm volatile("call __put_user_" #size : "=a" (__ret_pu) \
 182                      : "0" ((typeof(*(ptr)))(x)), "c" (ptr) : "ebx")
 183 
 184 
 185 
 186 #ifdef CONFIG_X86_32
 187 #define __put_user_goto_u64(x, addr, label)                     \
 188         asm_volatile_goto("\n"                                  \
 189                      "1:        movl %%eax,0(%1)\n"             \
 190                      "2:        movl %%edx,4(%1)\n"             \
 191                      _ASM_EXTABLE_UA(1b, %l2)                   \
 192                      _ASM_EXTABLE_UA(2b, %l2)                   \
 193                      : : "A" (x), "r" (addr)                    \
 194                      : : label)
 195 
 196 #define __put_user_asm_ex_u64(x, addr)                                  \
 197         asm volatile("\n"                                               \
 198                      "1:        movl %%eax,0(%1)\n"                     \
 199                      "2:        movl %%edx,4(%1)\n"                     \
 200                      "3:"                                               \
 201                      _ASM_EXTABLE_EX(1b, 2b)                            \
 202                      _ASM_EXTABLE_EX(2b, 3b)                            \
 203                      : : "A" (x), "r" (addr))
 204 
 205 #define __put_user_x8(x, ptr, __ret_pu)                         \
 206         asm volatile("call __put_user_8" : "=a" (__ret_pu)      \
 207                      : "A" ((typeof(*(ptr)))(x)), "c" (ptr) : "ebx")
 208 #else
 209 #define __put_user_goto_u64(x, ptr, label) \
 210         __put_user_goto(x, ptr, "q", "", "er", label)
 211 #define __put_user_asm_ex_u64(x, addr)  \
 212         __put_user_asm_ex(x, addr, "q", "", "er")
 213 #define __put_user_x8(x, ptr, __ret_pu) __put_user_x(8, x, ptr, __ret_pu)
 214 #endif
 215 
 216 extern void __put_user_bad(void);
 217 
 218 /*
 219  * Strange magic calling convention: pointer in %ecx,
 220  * value in %eax(:%edx), return value in %eax. clobbers %rbx
 221  */
 222 extern void __put_user_1(void);
 223 extern void __put_user_2(void);
 224 extern void __put_user_4(void);
 225 extern void __put_user_8(void);
 226 
 227 /**
 228  * put_user - Write a simple value into user space.
 229  * @x:   Value to copy to user space.
 230  * @ptr: Destination address, in user space.
 231  *
 232  * Context: User context only. This function may sleep if pagefaults are
 233  *          enabled.
 234  *
 235  * This macro copies a single simple value from kernel space to user
 236  * space.  It supports simple types like char and int, but not larger
 237  * data types like structures or arrays.
 238  *
 239  * @ptr must have pointer-to-simple-variable type, and @x must be assignable
 240  * to the result of dereferencing @ptr.
 241  *
 242  * Return: zero on success, or -EFAULT on error.
 243  */
 244 #define put_user(x, ptr)                                        \
 245 ({                                                              \
 246         int __ret_pu;                                           \
 247         __typeof__(*(ptr)) __pu_val;                            \
 248         __chk_user_ptr(ptr);                                    \
 249         might_fault();                                          \
 250         __pu_val = x;                                           \
 251         switch (sizeof(*(ptr))) {                               \
 252         case 1:                                                 \
 253                 __put_user_x(1, __pu_val, ptr, __ret_pu);       \
 254                 break;                                          \
 255         case 2:                                                 \
 256                 __put_user_x(2, __pu_val, ptr, __ret_pu);       \
 257                 break;                                          \
 258         case 4:                                                 \
 259                 __put_user_x(4, __pu_val, ptr, __ret_pu);       \
 260                 break;                                          \
 261         case 8:                                                 \
 262                 __put_user_x8(__pu_val, ptr, __ret_pu);         \
 263                 break;                                          \
 264         default:                                                \
 265                 __put_user_x(X, __pu_val, ptr, __ret_pu);       \
 266                 break;                                          \
 267         }                                                       \
 268         __builtin_expect(__ret_pu, 0);                          \
 269 })
 270 
 271 #define __put_user_size(x, ptr, size, label)                            \
 272 do {                                                                    \
 273         __chk_user_ptr(ptr);                                            \
 274         switch (size) {                                                 \
 275         case 1:                                                         \
 276                 __put_user_goto(x, ptr, "b", "b", "iq", label); \
 277                 break;                                                  \
 278         case 2:                                                         \
 279                 __put_user_goto(x, ptr, "w", "w", "ir", label);         \
 280                 break;                                                  \
 281         case 4:                                                         \
 282                 __put_user_goto(x, ptr, "l", "k", "ir", label);         \
 283                 break;                                                  \
 284         case 8:                                                         \
 285                 __put_user_goto_u64(x, ptr, label);                     \
 286                 break;                                                  \
 287         default:                                                        \
 288                 __put_user_bad();                                       \
 289         }                                                               \
 290 } while (0)
 291 
 292 /*
 293  * This doesn't do __uaccess_begin/end - the exception handling
 294  * around it must do that.
 295  */
 296 #define __put_user_size_ex(x, ptr, size)                                \
 297 do {                                                                    \
 298         __chk_user_ptr(ptr);                                            \
 299         switch (size) {                                                 \
 300         case 1:                                                         \
 301                 __put_user_asm_ex(x, ptr, "b", "b", "iq");              \
 302                 break;                                                  \
 303         case 2:                                                         \
 304                 __put_user_asm_ex(x, ptr, "w", "w", "ir");              \
 305                 break;                                                  \
 306         case 4:                                                         \
 307                 __put_user_asm_ex(x, ptr, "l", "k", "ir");              \
 308                 break;                                                  \
 309         case 8:                                                         \
 310                 __put_user_asm_ex_u64((__typeof__(*ptr))(x), ptr);      \
 311                 break;                                                  \
 312         default:                                                        \
 313                 __put_user_bad();                                       \
 314         }                                                               \
 315 } while (0)
 316 
 317 #ifdef CONFIG_X86_32
 318 #define __get_user_asm_u64(x, ptr, retval, errret)                      \
 319 ({                                                                      \
 320         __typeof__(ptr) __ptr = (ptr);                                  \
 321         asm volatile("\n"                                       \
 322                      "1:        movl %2,%%eax\n"                        \
 323                      "2:        movl %3,%%edx\n"                        \
 324                      "3:\n"                             \
 325                      ".section .fixup,\"ax\"\n"                         \
 326                      "4:        mov %4,%0\n"                            \
 327                      "  xorl %%eax,%%eax\n"                             \
 328                      "  xorl %%edx,%%edx\n"                             \
 329                      "  jmp 3b\n"                                       \
 330                      ".previous\n"                                      \
 331                      _ASM_EXTABLE_UA(1b, 4b)                            \
 332                      _ASM_EXTABLE_UA(2b, 4b)                            \
 333                      : "=r" (retval), "=&A"(x)                          \
 334                      : "m" (__m(__ptr)), "m" __m(((u32 __user *)(__ptr)) + 1),  \
 335                        "i" (errret), "0" (retval));                     \
 336 })
 337 
 338 #define __get_user_asm_ex_u64(x, ptr)                   (x) = __get_user_bad()
 339 #else
 340 #define __get_user_asm_u64(x, ptr, retval, errret) \
 341          __get_user_asm(x, ptr, retval, "q", "", "=r", errret)
 342 #define __get_user_asm_ex_u64(x, ptr) \
 343          __get_user_asm_ex(x, ptr, "q", "", "=r")
 344 #endif
 345 
 346 #define __get_user_size(x, ptr, size, retval, errret)                   \
 347 do {                                                                    \
 348         retval = 0;                                                     \
 349         __chk_user_ptr(ptr);                                            \
 350         switch (size) {                                                 \
 351         case 1:                                                         \
 352                 __get_user_asm(x, ptr, retval, "b", "b", "=q", errret); \
 353                 break;                                                  \
 354         case 2:                                                         \
 355                 __get_user_asm(x, ptr, retval, "w", "w", "=r", errret); \
 356                 break;                                                  \
 357         case 4:                                                         \
 358                 __get_user_asm(x, ptr, retval, "l", "k", "=r", errret); \
 359                 break;                                                  \
 360         case 8:                                                         \
 361                 __get_user_asm_u64(x, ptr, retval, errret);             \
 362                 break;                                                  \
 363         default:                                                        \
 364                 (x) = __get_user_bad();                                 \
 365         }                                                               \
 366 } while (0)
 367 
 368 #define __get_user_asm(x, addr, err, itype, rtype, ltype, errret)       \
 369         asm volatile("\n"                                               \
 370                      "1:        mov"itype" %2,%"rtype"1\n"              \
 371                      "2:\n"                                             \
 372                      ".section .fixup,\"ax\"\n"                         \
 373                      "3:        mov %3,%0\n"                            \
 374                      "  xor"itype" %"rtype"1,%"rtype"1\n"               \
 375                      "  jmp 2b\n"                                       \
 376                      ".previous\n"                                      \
 377                      _ASM_EXTABLE_UA(1b, 3b)                            \
 378                      : "=r" (err), ltype(x)                             \
 379                      : "m" (__m(addr)), "i" (errret), "0" (err))
 380 
 381 #define __get_user_asm_nozero(x, addr, err, itype, rtype, ltype, errret)        \
 382         asm volatile("\n"                                               \
 383                      "1:        mov"itype" %2,%"rtype"1\n"              \
 384                      "2:\n"                                             \
 385                      ".section .fixup,\"ax\"\n"                         \
 386                      "3:        mov %3,%0\n"                            \
 387                      "  jmp 2b\n"                                       \
 388                      ".previous\n"                                      \
 389                      _ASM_EXTABLE_UA(1b, 3b)                            \
 390                      : "=r" (err), ltype(x)                             \
 391                      : "m" (__m(addr)), "i" (errret), "0" (err))
 392 
 393 /*
 394  * This doesn't do __uaccess_begin/end - the exception handling
 395  * around it must do that.
 396  */
 397 #define __get_user_size_ex(x, ptr, size)                                \
 398 do {                                                                    \
 399         __chk_user_ptr(ptr);                                            \
 400         switch (size) {                                                 \
 401         case 1:                                                         \
 402                 __get_user_asm_ex(x, ptr, "b", "b", "=q");              \
 403                 break;                                                  \
 404         case 2:                                                         \
 405                 __get_user_asm_ex(x, ptr, "w", "w", "=r");              \
 406                 break;                                                  \
 407         case 4:                                                         \
 408                 __get_user_asm_ex(x, ptr, "l", "k", "=r");              \
 409                 break;                                                  \
 410         case 8:                                                         \
 411                 __get_user_asm_ex_u64(x, ptr);                          \
 412                 break;                                                  \
 413         default:                                                        \
 414                 (x) = __get_user_bad();                                 \
 415         }                                                               \
 416 } while (0)
 417 
 418 #define __get_user_asm_ex(x, addr, itype, rtype, ltype)                 \
 419         asm volatile("1:        mov"itype" %1,%"rtype"0\n"              \
 420                      "2:\n"                                             \
 421                      ".section .fixup,\"ax\"\n"                         \
 422                      "3:xor"itype" %"rtype"0,%"rtype"0\n"               \
 423                      "  jmp 2b\n"                                       \
 424                      ".previous\n"                                      \
 425                      _ASM_EXTABLE_EX(1b, 3b)                            \
 426                      : ltype(x) : "m" (__m(addr)))
 427 
 428 #define __put_user_nocheck(x, ptr, size)                        \
 429 ({                                                              \
 430         __label__ __pu_label;                                   \
 431         int __pu_err = -EFAULT;                                 \
 432         __typeof__(*(ptr)) __pu_val = (x);                      \
 433         __typeof__(ptr) __pu_ptr = (ptr);                       \
 434         __typeof__(size) __pu_size = (size);                    \
 435         __uaccess_begin();                                      \
 436         __put_user_size(__pu_val, __pu_ptr, __pu_size, __pu_label);     \
 437         __pu_err = 0;                                           \
 438 __pu_label:                                                     \
 439         __uaccess_end();                                        \
 440         __builtin_expect(__pu_err, 0);                          \
 441 })
 442 
 443 #define __get_user_nocheck(x, ptr, size)                                \
 444 ({                                                                      \
 445         int __gu_err;                                                   \
 446         __inttype(*(ptr)) __gu_val;                                     \
 447         __typeof__(ptr) __gu_ptr = (ptr);                               \
 448         __typeof__(size) __gu_size = (size);                            \
 449         __uaccess_begin_nospec();                                       \
 450         __get_user_size(__gu_val, __gu_ptr, __gu_size, __gu_err, -EFAULT);      \
 451         __uaccess_end();                                                \
 452         (x) = (__force __typeof__(*(ptr)))__gu_val;                     \
 453         __builtin_expect(__gu_err, 0);                                  \
 454 })
 455 
 456 /* FIXME: this hack is definitely wrong -AK */
 457 struct __large_struct { unsigned long buf[100]; };
 458 #define __m(x) (*(struct __large_struct __user *)(x))
 459 
 460 /*
 461  * Tell gcc we read from memory instead of writing: this is because
 462  * we do not write to any memory gcc knows about, so there are no
 463  * aliasing issues.
 464  */
 465 #define __put_user_goto(x, addr, itype, rtype, ltype, label)    \
 466         asm_volatile_goto("\n"                                          \
 467                 "1:     mov"itype" %"rtype"0,%1\n"                      \
 468                 _ASM_EXTABLE_UA(1b, %l2)                                        \
 469                 : : ltype(x), "m" (__m(addr))                           \
 470                 : : label)
 471 
 472 #define __put_user_failed(x, addr, itype, rtype, ltype, errret)         \
 473         ({      __label__ __puflab;                                     \
 474                 int __pufret = errret;                                  \
 475                 __put_user_goto(x,addr,itype,rtype,ltype,__puflab);     \
 476                 __pufret = 0;                                           \
 477         __puflab: __pufret; })
 478 
 479 #define __put_user_asm(x, addr, retval, itype, rtype, ltype, errret)    do {    \
 480         retval = __put_user_failed(x, addr, itype, rtype, ltype, errret);       \
 481 } while (0)
 482 
 483 #define __put_user_asm_ex(x, addr, itype, rtype, ltype)                 \
 484         asm volatile("1:        mov"itype" %"rtype"0,%1\n"              \
 485                      "2:\n"                                             \
 486                      _ASM_EXTABLE_EX(1b, 2b)                            \
 487                      : : ltype(x), "m" (__m(addr)))
 488 
 489 /*
 490  * uaccess_try and catch
 491  */
 492 #define uaccess_try     do {                                            \
 493         current->thread.uaccess_err = 0;                                \
 494         __uaccess_begin();                                              \
 495         barrier();
 496 
 497 #define uaccess_try_nospec do {                                         \
 498         current->thread.uaccess_err = 0;                                \
 499         __uaccess_begin_nospec();                                       \
 500 
 501 #define uaccess_catch(err)                                              \
 502         __uaccess_end();                                                \
 503         (err) |= (current->thread.uaccess_err ? -EFAULT : 0);           \
 504 } while (0)
 505 
 506 /**
 507  * __get_user - Get a simple variable from user space, with less checking.
 508  * @x:   Variable to store result.
 509  * @ptr: Source address, in user space.
 510  *
 511  * Context: User context only. This function may sleep if pagefaults are
 512  *          enabled.
 513  *
 514  * This macro copies a single simple variable from user space to kernel
 515  * space.  It supports simple types like char and int, but not larger
 516  * data types like structures or arrays.
 517  *
 518  * @ptr must have pointer-to-simple-variable type, and the result of
 519  * dereferencing @ptr must be assignable to @x without a cast.
 520  *
 521  * Caller must check the pointer with access_ok() before calling this
 522  * function.
 523  *
 524  * Return: zero on success, or -EFAULT on error.
 525  * On error, the variable @x is set to zero.
 526  */
 527 
 528 #define __get_user(x, ptr)                                              \
 529         __get_user_nocheck((x), (ptr), sizeof(*(ptr)))
 530 
 531 /**
 532  * __put_user - Write a simple value into user space, with less checking.
 533  * @x:   Value to copy to user space.
 534  * @ptr: Destination address, in user space.
 535  *
 536  * Context: User context only. This function may sleep if pagefaults are
 537  *          enabled.
 538  *
 539  * This macro copies a single simple value from kernel space to user
 540  * space.  It supports simple types like char and int, but not larger
 541  * data types like structures or arrays.
 542  *
 543  * @ptr must have pointer-to-simple-variable type, and @x must be assignable
 544  * to the result of dereferencing @ptr.
 545  *
 546  * Caller must check the pointer with access_ok() before calling this
 547  * function.
 548  *
 549  * Return: zero on success, or -EFAULT on error.
 550  */
 551 
 552 #define __put_user(x, ptr)                                              \
 553         __put_user_nocheck((__typeof__(*(ptr)))(x), (ptr), sizeof(*(ptr)))
 554 
 555 /*
 556  * {get|put}_user_try and catch
 557  *
 558  * get_user_try {
 559  *      get_user_ex(...);
 560  * } get_user_catch(err)
 561  */
 562 #define get_user_try            uaccess_try_nospec
 563 #define get_user_catch(err)     uaccess_catch(err)
 564 
 565 #define get_user_ex(x, ptr)     do {                                    \
 566         unsigned long __gue_val;                                        \
 567         __get_user_size_ex((__gue_val), (ptr), (sizeof(*(ptr))));       \
 568         (x) = (__force __typeof__(*(ptr)))__gue_val;                    \
 569 } while (0)
 570 
 571 #define put_user_try            uaccess_try
 572 #define put_user_catch(err)     uaccess_catch(err)
 573 
 574 #define put_user_ex(x, ptr)                                             \
 575         __put_user_size_ex((__typeof__(*(ptr)))(x), (ptr), sizeof(*(ptr)))
 576 
 577 extern unsigned long
 578 copy_from_user_nmi(void *to, const void __user *from, unsigned long n);
 579 extern __must_check long
 580 strncpy_from_user(char *dst, const char __user *src, long count);
 581 
 582 extern __must_check long strnlen_user(const char __user *str, long n);
 583 
 584 unsigned long __must_check clear_user(void __user *mem, unsigned long len);
 585 unsigned long __must_check __clear_user(void __user *mem, unsigned long len);
 586 
 587 extern void __cmpxchg_wrong_size(void)
 588         __compiletime_error("Bad argument size for cmpxchg");
 589 
 590 #define __user_atomic_cmpxchg_inatomic(uval, ptr, old, new, size)       \
 591 ({                                                                      \
 592         int __ret = 0;                                                  \
 593         __typeof__(*(ptr)) __old = (old);                               \
 594         __typeof__(*(ptr)) __new = (new);                               \
 595         __uaccess_begin_nospec();                                       \
 596         switch (size) {                                                 \
 597         case 1:                                                         \
 598         {                                                               \
 599                 asm volatile("\n"                                       \
 600                         "1:\t" LOCK_PREFIX "cmpxchgb %4, %2\n"          \
 601                         "2:\n"                                          \
 602                         "\t.section .fixup, \"ax\"\n"                   \
 603                         "3:\tmov     %3, %0\n"                          \
 604                         "\tjmp     2b\n"                                \
 605                         "\t.previous\n"                                 \
 606                         _ASM_EXTABLE_UA(1b, 3b)                         \
 607                         : "+r" (__ret), "=a" (__old), "+m" (*(ptr))     \
 608                         : "i" (-EFAULT), "q" (__new), "1" (__old)       \
 609                         : "memory"                                      \
 610                 );                                                      \
 611                 break;                                                  \
 612         }                                                               \
 613         case 2:                                                         \
 614         {                                                               \
 615                 asm volatile("\n"                                       \
 616                         "1:\t" LOCK_PREFIX "cmpxchgw %4, %2\n"          \
 617                         "2:\n"                                          \
 618                         "\t.section .fixup, \"ax\"\n"                   \
 619                         "3:\tmov     %3, %0\n"                          \
 620                         "\tjmp     2b\n"                                \
 621                         "\t.previous\n"                                 \
 622                         _ASM_EXTABLE_UA(1b, 3b)                         \
 623                         : "+r" (__ret), "=a" (__old), "+m" (*(ptr))     \
 624                         : "i" (-EFAULT), "r" (__new), "1" (__old)       \
 625                         : "memory"                                      \
 626                 );                                                      \
 627                 break;                                                  \
 628         }                                                               \
 629         case 4:                                                         \
 630         {                                                               \
 631                 asm volatile("\n"                                       \
 632                         "1:\t" LOCK_PREFIX "cmpxchgl %4, %2\n"          \
 633                         "2:\n"                                          \
 634                         "\t.section .fixup, \"ax\"\n"                   \
 635                         "3:\tmov     %3, %0\n"                          \
 636                         "\tjmp     2b\n"                                \
 637                         "\t.previous\n"                                 \
 638                         _ASM_EXTABLE_UA(1b, 3b)                         \
 639                         : "+r" (__ret), "=a" (__old), "+m" (*(ptr))     \
 640                         : "i" (-EFAULT), "r" (__new), "1" (__old)       \
 641                         : "memory"                                      \
 642                 );                                                      \
 643                 break;                                                  \
 644         }                                                               \
 645         case 8:                                                         \
 646         {                                                               \
 647                 if (!IS_ENABLED(CONFIG_X86_64))                         \
 648                         __cmpxchg_wrong_size();                         \
 649                                                                         \
 650                 asm volatile("\n"                                       \
 651                         "1:\t" LOCK_PREFIX "cmpxchgq %4, %2\n"          \
 652                         "2:\n"                                          \
 653                         "\t.section .fixup, \"ax\"\n"                   \
 654                         "3:\tmov     %3, %0\n"                          \
 655                         "\tjmp     2b\n"                                \
 656                         "\t.previous\n"                                 \
 657                         _ASM_EXTABLE_UA(1b, 3b)                         \
 658                         : "+r" (__ret), "=a" (__old), "+m" (*(ptr))     \
 659                         : "i" (-EFAULT), "r" (__new), "1" (__old)       \
 660                         : "memory"                                      \
 661                 );                                                      \
 662                 break;                                                  \
 663         }                                                               \
 664         default:                                                        \
 665                 __cmpxchg_wrong_size();                                 \
 666         }                                                               \
 667         __uaccess_end();                                                \
 668         *(uval) = __old;                                                \
 669         __ret;                                                          \
 670 })
 671 
 672 #define user_atomic_cmpxchg_inatomic(uval, ptr, old, new)               \
 673 ({                                                                      \
 674         access_ok((ptr), sizeof(*(ptr))) ?              \
 675                 __user_atomic_cmpxchg_inatomic((uval), (ptr),           \
 676                                 (old), (new), sizeof(*(ptr))) :         \
 677                 -EFAULT;                                                \
 678 })
 679 
 680 /*
 681  * movsl can be slow when source and dest are not both 8-byte aligned
 682  */
 683 #ifdef CONFIG_X86_INTEL_USERCOPY
 684 extern struct movsl_mask {
 685         int mask;
 686 } ____cacheline_aligned_in_smp movsl_mask;
 687 #endif
 688 
 689 #define ARCH_HAS_NOCACHE_UACCESS 1
 690 
 691 #ifdef CONFIG_X86_32
 692 # include <asm/uaccess_32.h>
 693 #else
 694 # include <asm/uaccess_64.h>
 695 #endif
 696 
 697 /*
 698  * We rely on the nested NMI work to allow atomic faults from the NMI path; the
 699  * nested NMI paths are careful to preserve CR2.
 700  *
 701  * Caller must use pagefault_enable/disable, or run in interrupt context,
 702  * and also do a uaccess_ok() check
 703  */
 704 #define __copy_from_user_nmi __copy_from_user_inatomic
 705 
 706 /*
 707  * The "unsafe" user accesses aren't really "unsafe", but the naming
 708  * is a big fat warning: you have to not only do the access_ok()
 709  * checking before using them, but you have to surround them with the
 710  * user_access_begin/end() pair.
 711  */
 712 static __must_check __always_inline bool user_access_begin(const void __user *ptr, size_t len)
 713 {
 714         if (unlikely(!access_ok(ptr,len)))
 715                 return 0;
 716         __uaccess_begin_nospec();
 717         return 1;
 718 }
 719 #define user_access_begin(a,b)  user_access_begin(a,b)
 720 #define user_access_end()       __uaccess_end()
 721 
 722 #define user_access_save()      smap_save()
 723 #define user_access_restore(x)  smap_restore(x)
 724 
 725 #define unsafe_put_user(x, ptr, label)  \
 726         __put_user_size((__typeof__(*(ptr)))(x), (ptr), sizeof(*(ptr)), label)
 727 
 728 #define unsafe_get_user(x, ptr, err_label)                                      \
 729 do {                                                                            \
 730         int __gu_err;                                                           \
 731         __inttype(*(ptr)) __gu_val;                                             \
 732         __get_user_size(__gu_val, (ptr), sizeof(*(ptr)), __gu_err, -EFAULT);    \
 733         (x) = (__force __typeof__(*(ptr)))__gu_val;                             \
 734         if (unlikely(__gu_err)) goto err_label;                                 \
 735 } while (0)
 736 
 737 /*
 738  * We want the unsafe accessors to always be inlined and use
 739  * the error labels - thus the macro games.
 740  */
 741 #define unsafe_copy_loop(dst, src, len, type, label)                    \
 742         while (len >= sizeof(type)) {                                   \
 743                 unsafe_put_user(*(type *)src,(type __user *)dst,label); \
 744                 dst += sizeof(type);                                    \
 745                 src += sizeof(type);                                    \
 746                 len -= sizeof(type);                                    \
 747         }
 748 
 749 #define unsafe_copy_to_user(_dst,_src,_len,label)                       \
 750 do {                                                                    \
 751         char __user *__ucu_dst = (_dst);                                \
 752         const char *__ucu_src = (_src);                                 \
 753         size_t __ucu_len = (_len);                                      \
 754         unsafe_copy_loop(__ucu_dst, __ucu_src, __ucu_len, u64, label);  \
 755         unsafe_copy_loop(__ucu_dst, __ucu_src, __ucu_len, u32, label);  \
 756         unsafe_copy_loop(__ucu_dst, __ucu_src, __ucu_len, u16, label);  \
 757         unsafe_copy_loop(__ucu_dst, __ucu_src, __ucu_len, u8, label);   \
 758 } while (0)
 759 
 760 #endif /* _ASM_X86_UACCESS_H */
 761 

/* [<][>][^][v][top][bottom][index][help] */