2012-03-05 19:49:32 +08:00
|
|
|
/*
|
|
|
|
* Based on arch/arm/kernel/sys_arm.c
|
|
|
|
*
|
|
|
|
* Copyright (C) People who wrote linux/arch/i386/kernel/sys_i386.c
|
|
|
|
* Copyright (C) 1995, 1996 Russell King.
|
|
|
|
* Copyright (C) 2012 ARM Ltd.
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/compat.h>
|
|
|
|
#include <linux/personality.h>
|
|
|
|
#include <linux/sched.h>
|
2017-02-04 06:47:37 +08:00
|
|
|
#include <linux/sched/signal.h>
|
2012-03-05 19:49:32 +08:00
|
|
|
#include <linux/slab.h>
|
|
|
|
#include <linux/syscalls.h>
|
|
|
|
#include <linux/uaccess.h>
|
|
|
|
|
|
|
|
#include <asm/cacheflush.h>
|
2018-02-02 06:13:37 +08:00
|
|
|
#include <asm/system_misc.h>
|
2014-01-31 01:56:56 +08:00
|
|
|
#include <asm/unistd.h>
|
2012-03-05 19:49:32 +08:00
|
|
|
|
2014-12-01 18:53:08 +08:00
|
|
|
static long
|
|
|
|
__do_compat_cache_op(unsigned long start, unsigned long end)
|
2012-03-05 19:49:32 +08:00
|
|
|
{
|
2014-12-01 18:53:08 +08:00
|
|
|
long ret;
|
2012-03-05 19:49:32 +08:00
|
|
|
|
2014-12-01 18:53:08 +08:00
|
|
|
do {
|
|
|
|
unsigned long chunk = min(PAGE_SIZE, end - start);
|
2012-03-05 19:49:32 +08:00
|
|
|
|
2014-12-01 18:53:08 +08:00
|
|
|
if (fatal_signal_pending(current))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
ret = __flush_cache_user_range(start, start + chunk);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
cond_resched();
|
|
|
|
start += chunk;
|
|
|
|
} while (start < end);
|
|
|
|
|
|
|
|
return 0;
|
2012-03-05 19:49:32 +08:00
|
|
|
}
|
|
|
|
|
2014-12-01 18:53:08 +08:00
|
|
|
static inline long
|
|
|
|
do_compat_cache_op(unsigned long start, unsigned long end, int flags)
|
|
|
|
{
|
|
|
|
if (end < start || flags)
|
|
|
|
return -EINVAL;
|
|
|
|
|
Remove 'type' argument from access_ok() function
Nobody has actually used the type (VERIFY_READ vs VERIFY_WRITE) argument
of the user address range verification function since we got rid of the
old racy i386-only code to walk page tables by hand.
It existed because the original 80386 would not honor the write protect
bit when in kernel mode, so you had to do COW by hand before doing any
user access. But we haven't supported that in a long time, and these
days the 'type' argument is a purely historical artifact.
A discussion about extending 'user_access_begin()' to do the range
checking resulted this patch, because there is no way we're going to
move the old VERIFY_xyz interface to that model. And it's best done at
the end of the merge window when I've done most of my merges, so let's
just get this done once and for all.
This patch was mostly done with a sed-script, with manual fix-ups for
the cases that weren't of the trivial 'access_ok(VERIFY_xyz' form.
There were a couple of notable cases:
- csky still had the old "verify_area()" name as an alias.
- the iter_iov code had magical hardcoded knowledge of the actual
values of VERIFY_{READ,WRITE} (not that they mattered, since nothing
really used it)
- microblaze used the type argument for a debug printout
but other than those oddities this should be a total no-op patch.
I tried to fix up all architectures, did fairly extensive grepping for
access_ok() uses, and the changes are trivial, but I may have missed
something. Any missed conversion should be trivially fixable, though.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-01-04 10:57:57 +08:00
|
|
|
if (!access_ok((const void __user *)start, end - start))
|
2014-12-01 18:53:08 +08:00
|
|
|
return -EFAULT;
|
|
|
|
|
|
|
|
return __do_compat_cache_op(start, end);
|
|
|
|
}
|
2012-03-05 19:49:32 +08:00
|
|
|
/*
|
|
|
|
* Handle all unrecognised system calls.
|
|
|
|
*/
|
2019-01-04 02:00:39 +08:00
|
|
|
long compat_arm_syscall(struct pt_regs *regs, int scno)
|
2012-03-05 19:49:32 +08:00
|
|
|
{
|
2018-09-21 23:24:40 +08:00
|
|
|
void __user *addr;
|
2012-03-05 19:49:32 +08:00
|
|
|
|
2019-01-04 02:00:39 +08:00
|
|
|
switch (scno) {
|
2012-03-05 19:49:32 +08:00
|
|
|
/*
|
|
|
|
* Flush a region from virtual address 'r0' to virtual address 'r1'
|
|
|
|
* _exclusive_. There is no alignment requirement on either address;
|
|
|
|
* user space does not need to know the hardware cache layout.
|
|
|
|
*
|
|
|
|
* r2 contains flags. It should ALWAYS be passed as ZERO until it
|
|
|
|
* is defined to be something else. For now we ignore it, but may
|
|
|
|
* the fires of hell burn in your belly if you break this rule. ;)
|
|
|
|
*
|
|
|
|
* (at a later date, we may want to allow this call to not flush
|
|
|
|
* various aspects of the cache. Passing '0' will guarantee that
|
|
|
|
* everything necessary gets flushed to maintain consistency in
|
|
|
|
* the specified region).
|
|
|
|
*/
|
|
|
|
case __ARM_NR_compat_cacheflush:
|
2014-12-01 18:53:08 +08:00
|
|
|
return do_compat_cache_op(regs->regs[0], regs->regs[1], regs->regs[2]);
|
2012-03-05 19:49:32 +08:00
|
|
|
|
|
|
|
case __ARM_NR_compat_set_tls:
|
2018-03-28 17:50:49 +08:00
|
|
|
current->thread.uw.tp_value = regs->regs[0];
|
2014-09-11 21:38:16 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Protect against register corruption from context switch.
|
|
|
|
* See comment in tls_thread_flush.
|
|
|
|
*/
|
|
|
|
barrier();
|
2016-09-08 20:55:38 +08:00
|
|
|
write_sysreg(regs->regs[0], tpidrro_el0);
|
2012-03-05 19:49:32 +08:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
default:
|
2018-02-02 06:13:37 +08:00
|
|
|
/*
|
2019-01-04 01:45:07 +08:00
|
|
|
* Calls 0xf0xxx..0xf07ff are defined to return -ENOSYS
|
2018-02-02 06:13:37 +08:00
|
|
|
* if not implemented, rather than raising SIGILL. This
|
|
|
|
* way the calling program can gracefully determine whether
|
|
|
|
* a feature is supported.
|
|
|
|
*/
|
2019-01-04 02:00:39 +08:00
|
|
|
if (scno < __ARM_NR_COMPAT_END)
|
2018-02-02 06:13:37 +08:00
|
|
|
return -ENOSYS;
|
|
|
|
break;
|
2012-03-05 19:49:32 +08:00
|
|
|
}
|
2018-02-02 06:13:37 +08:00
|
|
|
|
2018-09-21 23:24:40 +08:00
|
|
|
addr = (void __user *)instruction_pointer(regs) -
|
|
|
|
(compat_thumb_mode(regs) ? 2 : 4);
|
2018-02-02 06:13:37 +08:00
|
|
|
|
2018-09-21 23:24:40 +08:00
|
|
|
arm64_notify_die("Oops - bad compat syscall(2)", regs,
|
2019-01-04 02:00:39 +08:00
|
|
|
SIGILL, ILL_ILLTRP, addr, scno);
|
2018-02-02 06:13:37 +08:00
|
|
|
return 0;
|
2012-03-05 19:49:32 +08:00
|
|
|
}
|