cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

uaccess.h (9255B)


      1/* SPDX-License-Identifier: GPL-2.0 */
      2#ifndef _ASM_IA64_UACCESS_H
      3#define _ASM_IA64_UACCESS_H
      4
      5/*
      6 * This file defines various macros to transfer memory areas across
      7 * the user/kernel boundary.  This needs to be done carefully because
      8 * this code is executed in kernel mode and uses user-specified
      9 * addresses.  Thus, we need to be careful not to let the user to
     10 * trick us into accessing kernel memory that would normally be
     11 * inaccessible.  This code is also fairly performance sensitive,
     12 * so we want to spend as little time doing safety checks as
     13 * possible.
     14 *
     15 * To make matters a bit more interesting, these macros sometimes also
     16 * called from within the kernel itself, in which case the address
     17 * validity check must be skipped.  The get_fs() macro tells us what
     18 * to do: if get_fs()==USER_DS, checking is performed, if
     19 * get_fs()==KERNEL_DS, checking is bypassed.
     20 *
     21 * Note that even if the memory area specified by the user is in a
     22 * valid address range, it is still possible that we'll get a page
     23 * fault while accessing it.  This is handled by filling out an
     24 * exception handler fixup entry for each instruction that has the
     25 * potential to fault.  When such a fault occurs, the page fault
     26 * handler checks to see whether the faulting instruction has a fixup
     27 * associated and, if so, sets r8 to -EFAULT and clears r9 to 0 and
     28 * then resumes execution at the continuation point.
     29 *
     30 * Based on <asm-alpha/uaccess.h>.
     31 *
     32 * Copyright (C) 1998, 1999, 2001-2004 Hewlett-Packard Co
     33 *	David Mosberger-Tang <davidm@hpl.hp.com>
     34 */
     35
     36#include <linux/compiler.h>
     37#include <linux/page-flags.h>
     38
     39#include <asm/intrinsics.h>
     40#include <linux/pgtable.h>
     41#include <asm/io.h>
     42#include <asm/extable.h>
     43
     44/*
     45 * When accessing user memory, we need to make sure the entire area really is
     46 * in user-level space.  We also need to make sure that the address doesn't
     47 * point inside the virtually mapped linear page table.
     48 */
     49static inline int __access_ok(const void __user *p, unsigned long size)
     50{
     51	unsigned long limit = TASK_SIZE;
     52	unsigned long addr = (unsigned long)p;
     53
     54	return likely((size <= limit) && (addr <= (limit - size)) &&
     55		 likely(REGION_OFFSET(addr) < RGN_MAP_LIMIT));
     56}
     57#define __access_ok __access_ok
     58#include <asm-generic/access_ok.h>
     59
     60/*
     61 * These are the main single-value transfer routines.  They automatically
     62 * use the right size if we just have the right pointer type.
     63 *
     64 * Careful to not
     65 * (a) re-use the arguments for side effects (sizeof/typeof is ok)
     66 * (b) require any knowledge of processes at this stage
     67 */
     68#define put_user(x, ptr)	__put_user_check((__typeof__(*(ptr))) (x), (ptr), sizeof(*(ptr)))
     69#define get_user(x, ptr)	__get_user_check((x), (ptr), sizeof(*(ptr)))
     70
     71/*
     72 * The "__xxx" versions do not do address space checking, useful when
     73 * doing multiple accesses to the same area (the programmer has to do the
     74 * checks by hand with "access_ok()")
     75 */
     76#define __put_user(x, ptr)	__put_user_nocheck((__typeof__(*(ptr))) (x), (ptr), sizeof(*(ptr)))
     77#define __get_user(x, ptr)	__get_user_nocheck((x), (ptr), sizeof(*(ptr)))
     78
     79#ifdef ASM_SUPPORTED
     80  struct __large_struct { unsigned long buf[100]; };
     81# define __m(x) (*(struct __large_struct __user *)(x))
     82
     83/* We need to declare the __ex_table section before we can use it in .xdata.  */
     84asm (".section \"__ex_table\", \"a\"\n\t.previous");
     85
     86# define __get_user_size(val, addr, n, err)							\
     87do {												\
     88	register long __gu_r8 asm ("r8") = 0;							\
     89	register long __gu_r9 asm ("r9");							\
     90	asm ("\n[1:]\tld"#n" %0=%2%P2\t// %0 and %1 get overwritten by exception handler\n"	\
     91	     "\t.xdata4 \"__ex_table\", 1b-., 1f-.+4\n"						\
     92	     "[1:]"										\
     93	     : "=r"(__gu_r9), "=r"(__gu_r8) : "m"(__m(addr)), "1"(__gu_r8));			\
     94	(err) = __gu_r8;									\
     95	(val) = __gu_r9;									\
     96} while (0)
     97
     98/*
     99 * The "__put_user_size()" macro tells gcc it reads from memory instead of writing it.  This
    100 * is because they do not write to any memory gcc knows about, so there are no aliasing
    101 * issues.
    102 */
    103# define __put_user_size(val, addr, n, err)							\
    104do {												\
    105	register long __pu_r8 asm ("r8") = 0;							\
    106	asm volatile ("\n[1:]\tst"#n" %1=%r2%P1\t// %0 gets overwritten by exception handler\n"	\
    107		      "\t.xdata4 \"__ex_table\", 1b-., 1f-.\n"					\
    108		      "[1:]"									\
    109		      : "=r"(__pu_r8) : "m"(__m(addr)), "rO"(val), "0"(__pu_r8));		\
    110	(err) = __pu_r8;									\
    111} while (0)
    112
    113#else /* !ASM_SUPPORTED */
    114# define RELOC_TYPE	2	/* ip-rel */
    115# define __get_user_size(val, addr, n, err)				\
    116do {									\
    117	__ld_user("__ex_table", (unsigned long) addr, n, RELOC_TYPE);	\
    118	(err) = ia64_getreg(_IA64_REG_R8);				\
    119	(val) = ia64_getreg(_IA64_REG_R9);				\
    120} while (0)
    121# define __put_user_size(val, addr, n, err)				\
    122do {									\
    123	__st_user("__ex_table", (unsigned long) addr, n, RELOC_TYPE,	\
    124		  (__force unsigned long) (val));			\
    125	(err) = ia64_getreg(_IA64_REG_R8);				\
    126} while (0)
    127#endif /* !ASM_SUPPORTED */
    128
    129extern void __get_user_unknown (void);
    130
    131/*
    132 * Evaluating arguments X, PTR, SIZE, and SEGMENT may involve subroutine-calls, which
    133 * could clobber r8 and r9 (among others).  Thus, be careful not to evaluate it while
    134 * using r8/r9.
    135 */
    136#define __do_get_user(check, x, ptr, size)						\
    137({											\
    138	const __typeof__(*(ptr)) __user *__gu_ptr = (ptr);				\
    139	__typeof__ (size) __gu_size = (size);						\
    140	long __gu_err = -EFAULT;							\
    141	unsigned long __gu_val = 0;							\
    142	if (!check || __access_ok(__gu_ptr, size))					\
    143		switch (__gu_size) {							\
    144		      case 1: __get_user_size(__gu_val, __gu_ptr, 1, __gu_err); break;	\
    145		      case 2: __get_user_size(__gu_val, __gu_ptr, 2, __gu_err); break;	\
    146		      case 4: __get_user_size(__gu_val, __gu_ptr, 4, __gu_err); break;	\
    147		      case 8: __get_user_size(__gu_val, __gu_ptr, 8, __gu_err); break;	\
    148		      default: __get_user_unknown(); break;				\
    149		}									\
    150	(x) = (__force __typeof__(*(__gu_ptr))) __gu_val;				\
    151	__gu_err;									\
    152})
    153
    154#define __get_user_nocheck(x, ptr, size)	__do_get_user(0, x, ptr, size)
    155#define __get_user_check(x, ptr, size)	__do_get_user(1, x, ptr, size)
    156
    157extern void __put_user_unknown (void);
    158
    159/*
    160 * Evaluating arguments X, PTR, SIZE, and SEGMENT may involve subroutine-calls, which
    161 * could clobber r8 (among others).  Thus, be careful not to evaluate them while using r8.
    162 */
    163#define __do_put_user(check, x, ptr, size)						\
    164({											\
    165	__typeof__ (x) __pu_x = (x);							\
    166	__typeof__ (*(ptr)) __user *__pu_ptr = (ptr);					\
    167	__typeof__ (size) __pu_size = (size);						\
    168	long __pu_err = -EFAULT;							\
    169											\
    170	if (!check || __access_ok(__pu_ptr, __pu_size))					\
    171		switch (__pu_size) {							\
    172		      case 1: __put_user_size(__pu_x, __pu_ptr, 1, __pu_err); break;	\
    173		      case 2: __put_user_size(__pu_x, __pu_ptr, 2, __pu_err); break;	\
    174		      case 4: __put_user_size(__pu_x, __pu_ptr, 4, __pu_err); break;	\
    175		      case 8: __put_user_size(__pu_x, __pu_ptr, 8, __pu_err); break;	\
    176		      default: __put_user_unknown(); break;				\
    177		}									\
    178	__pu_err;									\
    179})
    180
    181#define __put_user_nocheck(x, ptr, size)	__do_put_user(0, x, ptr, size)
    182#define __put_user_check(x, ptr, size)	__do_put_user(1, x, ptr, size)
    183
    184/*
    185 * Complex access routines
    186 */
    187extern unsigned long __must_check __copy_user (void __user *to, const void __user *from,
    188					       unsigned long count);
    189
    190static inline unsigned long
    191raw_copy_to_user(void __user *to, const void *from, unsigned long count)
    192{
    193	return __copy_user(to, (__force void __user *) from, count);
    194}
    195
    196static inline unsigned long
    197raw_copy_from_user(void *to, const void __user *from, unsigned long count)
    198{
    199	return __copy_user((__force void __user *) to, from, count);
    200}
    201
    202#define INLINE_COPY_FROM_USER
    203#define INLINE_COPY_TO_USER
    204
    205extern unsigned long __do_clear_user (void __user *, unsigned long);
    206
    207#define __clear_user(to, n)		__do_clear_user(to, n)
    208
    209#define clear_user(to, n)					\
    210({								\
    211	unsigned long __cu_len = (n);				\
    212	if (__access_ok(to, __cu_len))				\
    213		__cu_len = __do_clear_user(to, __cu_len);	\
    214	__cu_len;						\
    215})
    216
    217
    218/*
    219 * Returns: -EFAULT if exception before terminator, N if the entire buffer filled, else
    220 * strlen.
    221 */
    222extern long __must_check __strncpy_from_user (char *to, const char __user *from, long to_len);
    223
    224#define strncpy_from_user(to, from, n)					\
    225({									\
    226	const char __user * __sfu_from = (from);			\
    227	long __sfu_ret = -EFAULT;					\
    228	if (__access_ok(__sfu_from, 0))					\
    229		__sfu_ret = __strncpy_from_user((to), __sfu_from, (n));	\
    230	__sfu_ret;							\
    231})
    232
    233/*
    234 * Returns: 0 if exception before NUL or reaching the supplied limit
    235 * (N), a value greater than N if the limit would be exceeded, else
    236 * strlen.
    237 */
    238extern unsigned long __strnlen_user (const char __user *, long);
    239
    240#define strnlen_user(str, len)					\
    241({								\
    242	const char __user *__su_str = (str);			\
    243	unsigned long __su_ret = 0;				\
    244	if (__access_ok(__su_str, 0))				\
    245		__su_ret = __strnlen_user(__su_str, len);	\
    246	__su_ret;						\
    247})
    248
    249#define ARCH_HAS_TRANSLATE_MEM_PTR	1
    250static __inline__ void *
    251xlate_dev_mem_ptr(phys_addr_t p)
    252{
    253	struct page *page;
    254	void *ptr;
    255
    256	page = pfn_to_page(p >> PAGE_SHIFT);
    257	if (PageUncached(page))
    258		ptr = (void *)p + __IA64_UNCACHED_OFFSET;
    259	else
    260		ptr = __va(p);
    261
    262	return ptr;
    263}
    264
    265#endif /* _ASM_IA64_UACCESS_H */