2005-04-16 15:20:36 -07:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2002 Jeff Dike (jdike@karaya.com)
|
|
|
|
* Licensed under the GPL
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __ARCH_UM_UACCESS_H
|
|
|
|
#define __ARCH_UM_UACCESS_H
|
|
|
|
|
|
|
|
#include "choose-mode.h"
|
|
|
|
|
|
|
|
#ifdef CONFIG_MODE_TT
|
|
|
|
#include "uaccess-tt.h"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifdef CONFIG_MODE_SKAS
|
|
|
|
#include "uaccess-skas.h"
|
|
|
|
#endif
|
|
|
|
|
2005-12-12 01:37:16 -07:00
|
|
|
#include "asm/fixmap.h"
|
|
|
|
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-13 17:07:13 -07:00
|
|
|
#define __under_task_size(addr, size) \
|
|
|
|
(((unsigned long) (addr) < TASK_SIZE) && \
|
|
|
|
(((unsigned long) (addr) + (size)) < TASK_SIZE))
|
|
|
|
|
|
|
|
#define __access_ok_vsyscall(type, addr, size) \
|
|
|
|
((type == VERIFY_READ) && \
|
|
|
|
((unsigned long) (addr) >= FIXADDR_USER_START) && \
|
|
|
|
((unsigned long) (addr) + (size) <= FIXADDR_USER_END) && \
|
|
|
|
((unsigned long) (addr) + (size) >= (unsigned long)(addr)))
|
|
|
|
|
|
|
|
#define __addr_range_nowrap(addr, size) \
|
|
|
|
((unsigned long) (addr) <= ((unsigned long) (addr) + (size)))
|
|
|
|
|
2005-04-16 15:20:36 -07:00
|
|
|
#define access_ok(type, addr, size) \
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-13 17:07:13 -07:00
|
|
|
(__addr_range_nowrap(addr, size) && \
|
|
|
|
(__under_task_size(addr, size) || \
|
|
|
|
__access_ok_vsyscall(type, addr, size) || \
|
|
|
|
segment_eq(get_fs(), KERNEL_DS) || \
|
|
|
|
CHOOSE_MODE_PROC(access_ok_tt, access_ok_skas, type, addr, size)))
|
2005-04-16 15:20:36 -07:00
|
|
|
|
|
|
|
static inline int copy_from_user(void *to, const void __user *from, int n)
|
|
|
|
{
|
|
|
|
return(CHOOSE_MODE_PROC(copy_from_user_tt, copy_from_user_skas, to,
|
|
|
|
from, n));
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int copy_to_user(void __user *to, const void *from, int n)
|
|
|
|
{
|
|
|
|
return(CHOOSE_MODE_PROC(copy_to_user_tt, copy_to_user_skas, to,
|
|
|
|
from, n));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* strncpy_from_user: - Copy a NUL terminated string from userspace.
|
|
|
|
* @dst: Destination address, in kernel space. This buffer must be at
|
|
|
|
* least @count bytes long.
|
|
|
|
* @src: Source address, in user space.
|
|
|
|
* @count: Maximum number of bytes to copy, including the trailing NUL.
|
|
|
|
*
|
|
|
|
* Copies a NUL-terminated string from userspace to kernel space.
|
|
|
|
*
|
|
|
|
* On success, returns the length of the string (not including the trailing
|
|
|
|
* NUL).
|
|
|
|
*
|
|
|
|
* If access to userspace fails, returns -EFAULT (some data may have been
|
|
|
|
* copied).
|
|
|
|
*
|
|
|
|
* If @count is smaller than the length of the string, copies @count bytes
|
|
|
|
* and returns @count.
|
|
|
|
*/
|
|
|
|
|
|
|
|
static inline int strncpy_from_user(char *dst, const char __user *src, int count)
|
|
|
|
{
|
|
|
|
return(CHOOSE_MODE_PROC(strncpy_from_user_tt, strncpy_from_user_skas,
|
|
|
|
dst, src, count));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* __clear_user: - Zero a block of memory in user space, with less checking.
|
|
|
|
* @to: Destination address, in user space.
|
|
|
|
* @n: Number of bytes to zero.
|
|
|
|
*
|
|
|
|
* Zero a block of memory in user space. Caller must check
|
|
|
|
* the specified block with access_ok() before calling this function.
|
|
|
|
*
|
|
|
|
* Returns number of bytes that could not be cleared.
|
|
|
|
* On success, this will be zero.
|
|
|
|
*/
|
|
|
|
static inline int __clear_user(void *mem, int len)
|
|
|
|
{
|
|
|
|
return(CHOOSE_MODE_PROC(__clear_user_tt, __clear_user_skas, mem, len));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* clear_user: - Zero a block of memory in user space.
|
|
|
|
* @to: Destination address, in user space.
|
|
|
|
* @n: Number of bytes to zero.
|
|
|
|
*
|
|
|
|
* Zero a block of memory in user space.
|
|
|
|
*
|
|
|
|
* Returns number of bytes that could not be cleared.
|
|
|
|
* On success, this will be zero.
|
|
|
|
*/
|
|
|
|
static inline int clear_user(void __user *mem, int len)
|
|
|
|
{
|
|
|
|
return(CHOOSE_MODE_PROC(clear_user_tt, clear_user_skas, mem, len));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* strlen_user: - Get the size of a string in user space.
|
|
|
|
* @str: The string to measure.
|
|
|
|
* @n: The maximum valid length
|
|
|
|
*
|
|
|
|
* Get the size of a NUL-terminated string in user space.
|
|
|
|
*
|
|
|
|
* Returns the size of the string INCLUDING the terminating NUL.
|
|
|
|
* On exception, returns 0.
|
|
|
|
* If the string is too long, returns a value greater than @n.
|
|
|
|
*/
|
|
|
|
static inline int strnlen_user(const void __user *str, long len)
|
|
|
|
{
|
|
|
|
return(CHOOSE_MODE_PROC(strnlen_user_tt, strnlen_user_skas, str, len));
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Overrides for Emacs so that we follow Linus's tabbing style.
|
|
|
|
* Emacs will notice this stuff at the end of the file and automatically
|
|
|
|
* adjust the settings for this buffer only. This must remain at the end
|
|
|
|
* of the file.
|
|
|
|
* ---------------------------------------------------------------------------
|
|
|
|
* Local variables:
|
|
|
|
* c-file-style: "linux"
|
|
|
|
* End:
|
|
|
|
*/
|