2005-04-17 00:20:36 +02:00
|
|
|
/*
|
2007-10-16 10:26:57 +02:00
|
|
|
* Copyright (C) 2002 - 2007 Jeff Dike (jdike@{addtoit,linux.intel}.com)
|
2005-04-17 00:20:36 +02:00
|
|
|
* Licensed under the GPL
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __ARCH_UM_UACCESS_H
|
|
|
|
|
#define __ARCH_UM_UACCESS_H
|
|
|
|
|
|
uml: header untangling
Untangle UML headers somewhat and add some includes where they were
needed explicitly, but gotten accidentally via some other header.
arch/um/include/um_uaccess.h loses asm/fixmap.h because it uses no
fixmap stuff and gains elf.h, because it needs FIXADDR_USER_*, and
archsetjmp.h, because it needs jmp_buf.
pmd_alloc_one is uninlined because it needs mm_struct, and that's
inconvenient to provide in asm-um/pgtable-3level.h.
elf_core_copy_fpregs is also uninlined from elf-i386.h and
elf-x86_64.h, which duplicated the code anyway, to
arch/um/kernel/process.c, so that the reference to current_thread
doesn't pull sched.h or anything related into asm/elf.h.
arch/um/sys-i386/ldt.c, arch/um/kernel/tlb.c and
arch/um/kernel/skas/uaccess.c got sched.h because they dereference
task_structs. Its includes of linux and asm headers got turned from
"" to <>.
arch/um/sys-i386/bug.c gets asm/errno.h because it needs errno
constants.
asm/elf-i386 gets asm/user.h because it needs user_regs_struct.
asm/fixmap.h gets page.h because it needs PAGE_SIZE and PAGE_MASK and
system.h for BUG_ON.
asm/pgtable doesn't need sched.h.
asm/processor-generic.h defined mm_segment_t, but didn't use it. So,
that definition is moved to uaccess.h, which defines a bunch of
mm_segment_t-related stuff. thread_info.h uses mm_segment_t, and
includes uaccess.h, which causes a recursion. So, the definition is
placed above the include of thread_info. in uaccess.h. thread_info.h
also gets page.h because it needs PAGE_SIZE.
ObCheckpatchViolationJustification - I'm not adding a typedef; I'm
moving mm_segment_t from one place to another.
Signed-off-by: Jeff Dike <jdike@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-02-05 07:30:53 +01:00
|
|
|
#include <asm/elf.h>
|
|
|
|
|
#include <asm/fixmap.h>
|
|
|
|
|
#include "sysdep/archsetjmp.h"
|
2005-12-12 09:37:16 +01:00
|
|
|
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-14 01:07:13 +01:00
|
|
|
#define __under_task_size(addr, size) \
|
|
|
|
|
(((unsigned long) (addr) < TASK_SIZE) && \
|
2007-10-16 10:26:57 +02:00
|
|
|
(((unsigned long) (addr) + (size)) < TASK_SIZE))
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-14 01:07:13 +01:00
|
|
|
|
|
|
|
|
#define __access_ok_vsyscall(type, addr, size) \
|
|
|
|
|
((type == VERIFY_READ) && \
|
|
|
|
|
((unsigned long) (addr) >= FIXADDR_USER_START) && \
|
|
|
|
|
((unsigned long) (addr) + (size) <= FIXADDR_USER_END) && \
|
|
|
|
|
((unsigned long) (addr) + (size) >= (unsigned long)(addr)))
|
|
|
|
|
|
|
|
|
|
#define __addr_range_nowrap(addr, size) \
|
|
|
|
|
((unsigned long) (addr) <= ((unsigned long) (addr) + (size)))
|
|
|
|
|
|
2005-04-17 00:20:36 +02:00
|
|
|
#define access_ok(type, addr, size) \
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-14 01:07:13 +01:00
|
|
|
(__addr_range_nowrap(addr, size) && \
|
|
|
|
|
(__under_task_size(addr, size) || \
|
|
|
|
|
__access_ok_vsyscall(type, addr, size) || \
|
2007-10-16 10:26:56 +02:00
|
|
|
segment_eq(get_fs(), KERNEL_DS)))
|
2005-04-17 00:20:36 +02:00
|
|
|
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int copy_from_user(void *to, const void __user *from, int n);
|
|
|
|
|
extern int copy_to_user(void __user *to, const void *from, int n);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
2007-10-16 10:27:05 +02:00
|
|
|
extern int __do_copy_to_user(void *to, const void *from, int n,
|
|
|
|
|
void **fault_addr, jmp_buf **fault_catcher);
|
|
|
|
|
|
2005-04-17 00:20:36 +02:00
|
|
|
/*
|
|
|
|
|
* strncpy_from_user: - Copy a NUL terminated string from userspace.
|
|
|
|
|
* @dst: Destination address, in kernel space. This buffer must be at
|
|
|
|
|
* least @count bytes long.
|
|
|
|
|
* @src: Source address, in user space.
|
|
|
|
|
* @count: Maximum number of bytes to copy, including the trailing NUL.
|
|
|
|
|
*
|
|
|
|
|
* Copies a NUL-terminated string from userspace to kernel space.
|
|
|
|
|
*
|
|
|
|
|
* On success, returns the length of the string (not including the trailing
|
|
|
|
|
* NUL).
|
|
|
|
|
*
|
|
|
|
|
* If access to userspace fails, returns -EFAULT (some data may have been
|
|
|
|
|
* copied).
|
|
|
|
|
*
|
|
|
|
|
* If @count is smaller than the length of the string, copies @count bytes
|
|
|
|
|
* and returns @count.
|
|
|
|
|
*/
|
|
|
|
|
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int strncpy_from_user(char *dst, const char __user *src, int count);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* __clear_user: - Zero a block of memory in user space, with less checking.
|
|
|
|
|
* @to: Destination address, in user space.
|
|
|
|
|
* @n: Number of bytes to zero.
|
|
|
|
|
*
|
|
|
|
|
* Zero a block of memory in user space. Caller must check
|
|
|
|
|
* the specified block with access_ok() before calling this function.
|
|
|
|
|
*
|
|
|
|
|
* Returns number of bytes that could not be cleared.
|
|
|
|
|
* On success, this will be zero.
|
|
|
|
|
*/
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int __clear_user(void __user *mem, int len);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* clear_user: - Zero a block of memory in user space.
|
|
|
|
|
* @to: Destination address, in user space.
|
|
|
|
|
* @n: Number of bytes to zero.
|
|
|
|
|
*
|
|
|
|
|
* Zero a block of memory in user space.
|
|
|
|
|
*
|
|
|
|
|
* Returns number of bytes that could not be cleared.
|
|
|
|
|
* On success, this will be zero.
|
|
|
|
|
*/
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int clear_user(void __user *mem, int len);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* strlen_user: - Get the size of a string in user space.
|
|
|
|
|
* @str: The string to measure.
|
|
|
|
|
* @n: The maximum valid length
|
|
|
|
|
*
|
|
|
|
|
* Get the size of a NUL-terminated string in user space.
|
|
|
|
|
*
|
|
|
|
|
* Returns the size of the string INCLUDING the terminating NUL.
|
|
|
|
|
* On exception, returns 0.
|
|
|
|
|
* If the string is too long, returns a value greater than @n.
|
|
|
|
|
*/
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int strnlen_user(const void __user *str, int len);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
|
#endif
|
