2005-04-17 06:20:36 +08:00
|
|
|
#ifndef __PARISC_UACCESS_H
|
|
|
|
#define __PARISC_UACCESS_H
|
|
|
|
|
|
|
|
/*
|
|
|
|
* User space memory access functions
|
|
|
|
*/
|
2013-06-29 20:03:14 +08:00
|
|
|
#include <asm/processor.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include <asm/page.h>
|
|
|
|
#include <asm/cache.h>
|
2010-02-02 03:56:33 +08:00
|
|
|
#include <asm/errno.h>
|
2009-05-14 06:56:30 +08:00
|
|
|
#include <asm-generic/uaccess-unaligned.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-06-29 20:03:14 +08:00
|
|
|
#include <linux/sched.h>
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
#define VERIFY_READ 0
|
|
|
|
#define VERIFY_WRITE 1
|
|
|
|
|
|
|
|
#define KERNEL_DS ((mm_segment_t){0})
|
|
|
|
#define USER_DS ((mm_segment_t){1})
|
|
|
|
|
|
|
|
#define segment_eq(a,b) ((a).seg == (b).seg)
|
|
|
|
|
|
|
|
#define get_ds() (KERNEL_DS)
|
|
|
|
#define get_fs() (current_thread_info()->addr_limit)
|
|
|
|
#define set_fs(x) (current_thread_info()->addr_limit = (x))
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Note that since kernel addresses are in a separate address space on
|
2005-05-01 23:59:08 +08:00
|
|
|
* parisc, we don't need to do anything for access_ok().
|
2005-04-17 06:20:36 +08:00
|
|
|
* We just let the page fault handler do the right thing. This also means
|
|
|
|
* that put_user is the same as __put_user, etc.
|
|
|
|
*/
|
|
|
|
|
|
|
|
extern int __get_kernel_bad(void);
|
|
|
|
extern int __get_user_bad(void);
|
|
|
|
extern int __put_kernel_bad(void);
|
|
|
|
extern int __put_user_bad(void);
|
|
|
|
|
2013-06-29 20:03:14 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Test whether a block of memory is a valid user space address.
|
|
|
|
* Returns 0 if the range is valid, nonzero otherwise.
|
|
|
|
*/
|
|
|
|
static inline int __range_not_ok(unsigned long addr, unsigned long size,
|
|
|
|
unsigned long limit)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2013-06-29 20:03:14 +08:00
|
|
|
unsigned long __newaddr = addr + size;
|
|
|
|
return (__newaddr < addr || __newaddr > limit || size > limit);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-06-29 20:03:14 +08:00
|
|
|
/**
|
|
|
|
* access_ok: - Checks if a user space pointer is valid
|
|
|
|
* @type: Type of access: %VERIFY_READ or %VERIFY_WRITE. Note that
|
|
|
|
* %VERIFY_WRITE is a superset of %VERIFY_READ - if it is safe
|
|
|
|
* to write to a block, it is always safe to read from it.
|
|
|
|
* @addr: User space pointer to start of block to check
|
|
|
|
* @size: Size of block to check
|
|
|
|
*
|
|
|
|
* Context: User context only. This function may sleep.
|
|
|
|
*
|
|
|
|
* Checks if a pointer to a block of memory in user space is valid.
|
|
|
|
*
|
|
|
|
* Returns true (nonzero) if the memory block may be valid, false (zero)
|
|
|
|
* if it is definitely invalid.
|
|
|
|
*
|
|
|
|
* Note that, depending on architecture, this function probably just
|
|
|
|
* checks that the pointer is in the user space range - after calling
|
|
|
|
* this function, memory access functions may still return -EFAULT.
|
|
|
|
*/
|
|
|
|
#define access_ok(type, addr, size) \
|
|
|
|
( __chk_user_ptr(addr), \
|
|
|
|
!__range_not_ok((unsigned long) (__force void *) (addr), \
|
|
|
|
size, user_addr_max()) \
|
|
|
|
)
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
#define put_user __put_user
|
|
|
|
#define get_user __get_user
|
|
|
|
|
2006-12-20 07:35:57 +08:00
|
|
|
#if !defined(CONFIG_64BIT)
|
2005-04-17 06:20:36 +08:00
|
|
|
#define LDD_KERNEL(ptr) __get_kernel_bad();
|
|
|
|
#define LDD_USER(ptr) __get_user_bad();
|
|
|
|
#define STD_KERNEL(x, ptr) __put_kernel_asm64(x,ptr)
|
|
|
|
#define STD_USER(x, ptr) __put_user_asm64(x,ptr)
|
2006-12-20 05:33:58 +08:00
|
|
|
#define ASM_WORD_INSN ".word\t"
|
2005-04-17 06:20:36 +08:00
|
|
|
#else
|
2006-12-20 05:33:58 +08:00
|
|
|
#define LDD_KERNEL(ptr) __get_kernel_asm("ldd",ptr)
|
|
|
|
#define LDD_USER(ptr) __get_user_asm("ldd",ptr)
|
|
|
|
#define STD_KERNEL(x, ptr) __put_kernel_asm("std",x,ptr)
|
|
|
|
#define STD_USER(x, ptr) __put_user_asm("std",x,ptr)
|
|
|
|
#define ASM_WORD_INSN ".dword\t"
|
2005-04-17 06:20:36 +08:00
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The exception table contains two values: the first is an address
|
|
|
|
* for an instruction that is allowed to fault, and the second is
|
2013-10-14 03:11:30 +08:00
|
|
|
* the address to the fixup routine. Even on a 64bit kernel we could
|
|
|
|
* use a 32bit (unsigned int) address here.
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
struct exception_table_entry {
|
2013-10-14 03:11:30 +08:00
|
|
|
unsigned long insn; /* address of insn that is allowed to fault. */
|
|
|
|
unsigned long fixup; /* fixup routine */
|
2005-04-17 06:20:36 +08:00
|
|
|
};
|
|
|
|
|
2007-01-28 21:52:57 +08:00
|
|
|
#define ASM_EXCEPTIONTABLE_ENTRY( fault_addr, except_addr )\
|
|
|
|
".section __ex_table,\"aw\"\n" \
|
|
|
|
ASM_WORD_INSN #fault_addr ", " #except_addr "\n\t" \
|
|
|
|
".previous\n"
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* The page fault handler stores, in a per-cpu area, the following information
|
|
|
|
* if a fixup routine is available.
|
|
|
|
*/
|
|
|
|
struct exception_data {
|
|
|
|
unsigned long fault_ip;
|
|
|
|
unsigned long fault_space;
|
|
|
|
unsigned long fault_addr;
|
|
|
|
};
|
|
|
|
|
|
|
|
#define __get_user(x,ptr) \
|
|
|
|
({ \
|
|
|
|
register long __gu_err __asm__ ("r8") = 0; \
|
|
|
|
register long __gu_val __asm__ ("r9") = 0; \
|
|
|
|
\
|
|
|
|
if (segment_eq(get_fs(),KERNEL_DS)) { \
|
|
|
|
switch (sizeof(*(ptr))) { \
|
|
|
|
case 1: __get_kernel_asm("ldb",ptr); break; \
|
|
|
|
case 2: __get_kernel_asm("ldh",ptr); break; \
|
|
|
|
case 4: __get_kernel_asm("ldw",ptr); break; \
|
|
|
|
case 8: LDD_KERNEL(ptr); break; \
|
|
|
|
default: __get_kernel_bad(); break; \
|
|
|
|
} \
|
|
|
|
} \
|
|
|
|
else { \
|
|
|
|
switch (sizeof(*(ptr))) { \
|
|
|
|
case 1: __get_user_asm("ldb",ptr); break; \
|
|
|
|
case 2: __get_user_asm("ldh",ptr); break; \
|
|
|
|
case 4: __get_user_asm("ldw",ptr); break; \
|
|
|
|
case 8: LDD_USER(ptr); break; \
|
|
|
|
default: __get_user_bad(); break; \
|
|
|
|
} \
|
|
|
|
} \
|
|
|
|
\
|
|
|
|
(x) = (__typeof__(*(ptr))) __gu_val; \
|
|
|
|
__gu_err; \
|
|
|
|
})
|
|
|
|
|
|
|
|
#define __get_kernel_asm(ldx,ptr) \
|
2007-01-28 21:52:57 +08:00
|
|
|
__asm__("\n1:\t" ldx "\t0(%2),%0\n\t" \
|
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(1b, fixup_get_user_skip_1)\
|
2005-04-17 06:20:36 +08:00
|
|
|
: "=r"(__gu_val), "=r"(__gu_err) \
|
|
|
|
: "r"(ptr), "1"(__gu_err) \
|
|
|
|
: "r1");
|
|
|
|
|
|
|
|
#define __get_user_asm(ldx,ptr) \
|
2007-01-28 21:52:57 +08:00
|
|
|
__asm__("\n1:\t" ldx "\t0(%%sr3,%2),%0\n\t" \
|
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(1b,fixup_get_user_skip_1)\
|
2005-04-17 06:20:36 +08:00
|
|
|
: "=r"(__gu_val), "=r"(__gu_err) \
|
|
|
|
: "r"(ptr), "1"(__gu_err) \
|
|
|
|
: "r1");
|
|
|
|
|
|
|
|
#define __put_user(x,ptr) \
|
|
|
|
({ \
|
|
|
|
register long __pu_err __asm__ ("r8") = 0; \
|
|
|
|
__typeof__(*(ptr)) __x = (__typeof__(*(ptr)))(x); \
|
|
|
|
\
|
|
|
|
if (segment_eq(get_fs(),KERNEL_DS)) { \
|
|
|
|
switch (sizeof(*(ptr))) { \
|
|
|
|
case 1: __put_kernel_asm("stb",__x,ptr); break; \
|
|
|
|
case 2: __put_kernel_asm("sth",__x,ptr); break; \
|
|
|
|
case 4: __put_kernel_asm("stw",__x,ptr); break; \
|
|
|
|
case 8: STD_KERNEL(__x,ptr); break; \
|
|
|
|
default: __put_kernel_bad(); break; \
|
|
|
|
} \
|
|
|
|
} \
|
|
|
|
else { \
|
|
|
|
switch (sizeof(*(ptr))) { \
|
|
|
|
case 1: __put_user_asm("stb",__x,ptr); break; \
|
|
|
|
case 2: __put_user_asm("sth",__x,ptr); break; \
|
|
|
|
case 4: __put_user_asm("stw",__x,ptr); break; \
|
|
|
|
case 8: STD_USER(__x,ptr); break; \
|
|
|
|
default: __put_user_bad(); break; \
|
|
|
|
} \
|
|
|
|
} \
|
|
|
|
\
|
|
|
|
__pu_err; \
|
|
|
|
})
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The "__put_user/kernel_asm()" macros tell gcc they read from memory
|
|
|
|
* instead of writing. This is because they do not write to any memory
|
2006-04-23 04:47:21 +08:00
|
|
|
* gcc knows about, so there are no aliasing issues. These macros must
|
|
|
|
* also be aware that "fixup_put_user_skip_[12]" are executed in the
|
|
|
|
* context of the fault, and any registers used there must be listed
|
|
|
|
* as clobbers. In this case only "r1" is used by the current routines.
|
|
|
|
* r8/r9 are already listed as err/val.
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
#define __put_kernel_asm(stx,x,ptr) \
|
|
|
|
__asm__ __volatile__ ( \
|
2007-01-28 21:52:57 +08:00
|
|
|
"\n1:\t" stx "\t%2,0(%1)\n\t" \
|
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(1b,fixup_put_user_skip_1)\
|
2005-04-17 06:20:36 +08:00
|
|
|
: "=r"(__pu_err) \
|
2006-04-23 04:47:21 +08:00
|
|
|
: "r"(ptr), "r"(x), "0"(__pu_err) \
|
|
|
|
: "r1")
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
#define __put_user_asm(stx,x,ptr) \
|
|
|
|
__asm__ __volatile__ ( \
|
2007-01-28 21:52:57 +08:00
|
|
|
"\n1:\t" stx "\t%2,0(%%sr3,%1)\n\t" \
|
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(1b,fixup_put_user_skip_1)\
|
2005-04-17 06:20:36 +08:00
|
|
|
: "=r"(__pu_err) \
|
|
|
|
: "r"(ptr), "r"(x), "0"(__pu_err) \
|
|
|
|
: "r1")
|
|
|
|
|
|
|
|
|
2006-12-20 07:35:57 +08:00
|
|
|
#if !defined(CONFIG_64BIT)
|
2006-12-20 05:33:58 +08:00
|
|
|
|
|
|
|
#define __put_kernel_asm64(__val,ptr) do { \
|
2005-04-17 06:20:36 +08:00
|
|
|
__asm__ __volatile__ ( \
|
2007-01-28 21:52:57 +08:00
|
|
|
"\n1:\tstw %2,0(%1)" \
|
2013-04-22 20:53:43 +08:00
|
|
|
"\n2:\tstw %R2,4(%1)\n\t" \
|
2007-01-28 21:52:57 +08:00
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(1b,fixup_put_user_skip_2)\
|
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(2b,fixup_put_user_skip_1)\
|
2005-04-17 06:20:36 +08:00
|
|
|
: "=r"(__pu_err) \
|
2013-04-22 20:53:43 +08:00
|
|
|
: "r"(ptr), "r"(__val), "0"(__pu_err) \
|
2005-04-17 06:20:36 +08:00
|
|
|
: "r1"); \
|
|
|
|
} while (0)
|
|
|
|
|
2006-12-20 05:33:58 +08:00
|
|
|
#define __put_user_asm64(__val,ptr) do { \
|
2005-04-17 06:20:36 +08:00
|
|
|
__asm__ __volatile__ ( \
|
2007-01-28 21:52:57 +08:00
|
|
|
"\n1:\tstw %2,0(%%sr3,%1)" \
|
2013-04-22 20:53:43 +08:00
|
|
|
"\n2:\tstw %R2,4(%%sr3,%1)\n\t" \
|
2007-01-28 21:52:57 +08:00
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(1b,fixup_put_user_skip_2)\
|
|
|
|
ASM_EXCEPTIONTABLE_ENTRY(2b,fixup_put_user_skip_1)\
|
2005-04-17 06:20:36 +08:00
|
|
|
: "=r"(__pu_err) \
|
2013-04-22 20:53:43 +08:00
|
|
|
: "r"(ptr), "r"(__val), "0"(__pu_err) \
|
2005-04-17 06:20:36 +08:00
|
|
|
: "r1"); \
|
|
|
|
} while (0)
|
|
|
|
|
2006-12-20 07:35:57 +08:00
|
|
|
#endif /* !defined(CONFIG_64BIT) */
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Complex access routines -- external declarations
|
|
|
|
*/
|
|
|
|
|
|
|
|
extern unsigned long lcopy_to_user(void __user *, const void *, unsigned long);
|
|
|
|
extern unsigned long lcopy_from_user(void *, const void __user *, unsigned long);
|
|
|
|
extern unsigned long lcopy_in_user(void __user *, const void __user *, unsigned long);
|
2012-05-26 16:48:19 +08:00
|
|
|
extern long strncpy_from_user(char *, const char __user *, long);
|
2005-04-17 06:20:36 +08:00
|
|
|
extern unsigned lclear_user(void __user *,unsigned long);
|
|
|
|
extern long lstrnlen_user(const char __user *,long);
|
|
|
|
/*
|
|
|
|
* Complex access routines -- macros
|
|
|
|
*/
|
2013-06-29 20:03:14 +08:00
|
|
|
#ifdef CONFIG_COMPAT
|
|
|
|
#define user_addr_max() (TASK_SIZE)
|
|
|
|
#else
|
|
|
|
#define user_addr_max() (DEFAULT_TASK_SIZE)
|
|
|
|
#endif
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
#define strnlen_user lstrnlen_user
|
|
|
|
#define strlen_user(str) lstrnlen_user(str, 0x7fffffffL)
|
|
|
|
#define clear_user lclear_user
|
|
|
|
#define __clear_user lclear_user
|
|
|
|
|
|
|
|
unsigned long copy_to_user(void __user *dst, const void *src, unsigned long len);
|
|
|
|
#define __copy_to_user copy_to_user
|
2010-02-02 03:56:33 +08:00
|
|
|
unsigned long __copy_from_user(void *dst, const void __user *src, unsigned long len);
|
2005-04-17 06:20:36 +08:00
|
|
|
unsigned long copy_in_user(void __user *dst, const void __user *src, unsigned long len);
|
|
|
|
#define __copy_in_user copy_in_user
|
|
|
|
#define __copy_to_user_inatomic __copy_to_user
|
|
|
|
#define __copy_from_user_inatomic __copy_from_user
|
|
|
|
|
2010-02-02 03:56:33 +08:00
|
|
|
extern void copy_from_user_overflow(void)
|
|
|
|
#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
|
|
|
|
__compiletime_error("copy_from_user() buffer size is not provably correct")
|
|
|
|
#else
|
|
|
|
__compiletime_warning("copy_from_user() buffer size is not provably correct")
|
|
|
|
#endif
|
|
|
|
;
|
|
|
|
|
|
|
|
static inline unsigned long __must_check copy_from_user(void *to,
|
|
|
|
const void __user *from,
|
|
|
|
unsigned long n)
|
|
|
|
{
|
|
|
|
int sz = __compiletime_object_size(to);
|
|
|
|
int ret = -EFAULT;
|
|
|
|
|
|
|
|
if (likely(sz == -1 || !__builtin_constant_p(n) || sz >= n))
|
|
|
|
ret = __copy_from_user(to, from, n);
|
|
|
|
else
|
|
|
|
copy_from_user_overflow();
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2009-01-14 03:52:46 +08:00
|
|
|
struct pt_regs;
|
parisc: fix kernel crash (protection id trap) when compiling ruby1.9
On Wed, Dec 17, 2008 at 11:46:05PM +0100, Helge Deller wrote:
>
Honestly, I can't decide whether to apply this. It really should never
happen in the kernel, since the kernel can guarantee it won't get the
access rights failure (highest privilege level, and can set %sr and
%protid to whatever it wants.)
It really genuinely is a bug that probably should panic the kernel. The
only precedent I can easily see is x86 fixing up a bad iret with a
general protection fault, which is more or less analogous to code 27
here.
On the other hand, taking the exception on a userspace access really
isn't all that critical, and there's fundamentally little reason for the
kernel not to SIGSEGV the process, and continue...
Argh.
(btw, I've instrumented my do_sys_poll with a pile of assertions that
%cr8 << 1 == %sr3 == current->mm.context... let's see if where we're
getting corrupted is deterministic, though, I would guess that it won't
be.)
Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
2008-12-20 10:29:06 +08:00
|
|
|
int fixup_exception(struct pt_regs *regs);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
#endif /* __PARISC_UACCESS_H */
|