2005-04-17 00:20:36 +02:00
|
|
|
/*
|
2007-10-16 10:26:57 +02:00
|
|
|
* Copyright (C) 2002 - 2007 Jeff Dike (jdike@{addtoit,linux.intel}.com)
|
2005-04-17 00:20:36 +02:00
|
|
|
* Licensed under the GPL
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __ARCH_UM_UACCESS_H
|
|
|
|
#define __ARCH_UM_UACCESS_H
|
|
|
|
|
2005-12-12 09:37:16 +01:00
|
|
|
#include "asm/fixmap.h"
|
|
|
|
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-14 01:07:13 +01:00
|
|
|
#define __under_task_size(addr, size) \
|
|
|
|
(((unsigned long) (addr) < TASK_SIZE) && \
|
2007-10-16 10:26:57 +02:00
|
|
|
(((unsigned long) (addr) + (size)) < TASK_SIZE))
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-14 01:07:13 +01:00
|
|
|
|
|
|
|
#define __access_ok_vsyscall(type, addr, size) \
|
|
|
|
((type == VERIFY_READ) && \
|
|
|
|
((unsigned long) (addr) >= FIXADDR_USER_START) && \
|
|
|
|
((unsigned long) (addr) + (size) <= FIXADDR_USER_END) && \
|
|
|
|
((unsigned long) (addr) + (size) >= (unsigned long)(addr)))
|
|
|
|
|
|
|
|
#define __addr_range_nowrap(addr, size) \
|
|
|
|
((unsigned long) (addr) <= ((unsigned long) (addr) + (size)))
|
|
|
|
|
2005-04-17 00:20:36 +02:00
|
|
|
#define access_ok(type, addr, size) \
|
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally
considered valid.
I couldn't find in SCM logs the introduction of this check, but I went back to
2.4.20-1um and the definition was the same.
Possibly this was done to avoid problems with missing set_fs() calls, but
there can't be any I think because they would fail with SKAS mode.
TT-specific code is still to check.
Also, this patch joins common code together, and makes the "address range
wrapping" check happen for all cases, rather than for only some.
This may, possibly, be reoptimized at some time, but the current code doesn't
seem clever, just confused.
* Important: I've also had to change references to access_ok_{tt,skas} back to
access_ok - the kernel wasn't that happy otherwise.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-14 01:07:13 +01:00
|
|
|
(__addr_range_nowrap(addr, size) && \
|
|
|
|
(__under_task_size(addr, size) || \
|
|
|
|
__access_ok_vsyscall(type, addr, size) || \
|
2007-10-16 10:26:56 +02:00
|
|
|
segment_eq(get_fs(), KERNEL_DS)))
|
2005-04-17 00:20:36 +02:00
|
|
|
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int copy_from_user(void *to, const void __user *from, int n);
|
|
|
|
extern int copy_to_user(void __user *to, const void *from, int n);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
2007-10-16 10:27:05 +02:00
|
|
|
extern int __do_copy_to_user(void *to, const void *from, int n,
|
|
|
|
void **fault_addr, jmp_buf **fault_catcher);
|
|
|
|
extern void __do_copy(void *to, const void *from, int n);
|
|
|
|
|
2005-04-17 00:20:36 +02:00
|
|
|
/*
|
|
|
|
* strncpy_from_user: - Copy a NUL terminated string from userspace.
|
|
|
|
* @dst: Destination address, in kernel space. This buffer must be at
|
|
|
|
* least @count bytes long.
|
|
|
|
* @src: Source address, in user space.
|
|
|
|
* @count: Maximum number of bytes to copy, including the trailing NUL.
|
|
|
|
*
|
|
|
|
* Copies a NUL-terminated string from userspace to kernel space.
|
|
|
|
*
|
|
|
|
* On success, returns the length of the string (not including the trailing
|
|
|
|
* NUL).
|
|
|
|
*
|
|
|
|
* If access to userspace fails, returns -EFAULT (some data may have been
|
|
|
|
* copied).
|
|
|
|
*
|
|
|
|
* If @count is smaller than the length of the string, copies @count bytes
|
|
|
|
* and returns @count.
|
|
|
|
*/
|
|
|
|
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int strncpy_from_user(char *dst, const char __user *src, int count);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* __clear_user: - Zero a block of memory in user space, with less checking.
|
|
|
|
* @to: Destination address, in user space.
|
|
|
|
* @n: Number of bytes to zero.
|
|
|
|
*
|
|
|
|
* Zero a block of memory in user space. Caller must check
|
|
|
|
* the specified block with access_ok() before calling this function.
|
|
|
|
*
|
|
|
|
* Returns number of bytes that could not be cleared.
|
|
|
|
* On success, this will be zero.
|
|
|
|
*/
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int __clear_user(void __user *mem, int len);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* clear_user: - Zero a block of memory in user space.
|
|
|
|
* @to: Destination address, in user space.
|
|
|
|
* @n: Number of bytes to zero.
|
|
|
|
*
|
|
|
|
* Zero a block of memory in user space.
|
|
|
|
*
|
|
|
|
* Returns number of bytes that could not be cleared.
|
|
|
|
* On success, this will be zero.
|
|
|
|
*/
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int clear_user(void __user *mem, int len);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* strlen_user: - Get the size of a string in user space.
|
|
|
|
* @str: The string to measure.
|
|
|
|
* @n: The maximum valid length
|
|
|
|
*
|
|
|
|
* Get the size of a NUL-terminated string in user space.
|
|
|
|
*
|
|
|
|
* Returns the size of the string INCLUDING the terminating NUL.
|
|
|
|
* On exception, returns 0.
|
|
|
|
* If the string is too long, returns a value greater than @n.
|
|
|
|
*/
|
2007-10-16 10:26:56 +02:00
|
|
|
extern int strnlen_user(const void __user *str, int len);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
#endif
|