Blame view
mm/maccess.c
7.91 KB
457c89965 treewide: Add SPD... |
1 |
// SPDX-License-Identifier: GPL-2.0-only |
c33fa9f56 uaccess: add prob... |
2 3 4 |
/* * Access kernel memory without faulting. */ |
b95f1b31b mm: Map most file... |
5 |
#include <linux/export.h> |
c33fa9f56 uaccess: add prob... |
6 |
#include <linux/mm.h> |
7c7fcf762 MN10300: Save fra... |
7 |
#include <linux/uaccess.h> |
c33fa9f56 uaccess: add prob... |
8 |
|
3d7081822 uaccess: Add non-... |
9 10 11 12 13 14 15 16 17 18 19 |
static __always_inline long probe_read_common(void *dst, const void __user *src, size_t size) { long ret; pagefault_disable(); ret = __copy_from_user_inatomic(dst, src, size); pagefault_enable(); return ret ? -EFAULT : 0; } |
1d1585ca0 uaccess: Add non-... |
20 21 22 23 24 25 26 27 28 29 30 |
static __always_inline long probe_write_common(void __user *dst, const void *src, size_t size) { long ret; pagefault_disable(); ret = __copy_to_user_inatomic(dst, src, size); pagefault_enable(); return ret ? -EFAULT : 0; } |
c33fa9f56 uaccess: add prob... |
31 |
/** |
3d7081822 uaccess: Add non-... |
32 |
* probe_kernel_read(): safely attempt to read from a kernel-space location |
c33fa9f56 uaccess: add prob... |
33 34 35 36 37 38 |
* @dst: pointer to the buffer that shall take the data * @src: address to read from * @size: size of the data chunk * * Safely read from address @src to the buffer at @dst. If a kernel fault * happens, handle that and return -EFAULT. |
0ab32b6f1 uaccess: reimplem... |
39 40 41 42 43 |
* * We ensure that the copy_from_user is executed in atomic context so that * do_page_fault() doesn't attempt to take mmap_sem. This makes * probe_kernel_read() suitable for use within regions where the caller * already holds mmap_sem, or other locks which nest inside mmap_sem. |
75a1a607b uaccess: Add stri... |
44 45 46 47 48 49 |
* * probe_kernel_read_strict() is the same as probe_kernel_read() except for * the case where architectures have non-overlapping user and kernel address * ranges: probe_kernel_read_strict() will additionally return -EFAULT for * probing memory on a user address range where probe_user_read() is supposed * to be used instead. |
c33fa9f56 uaccess: add prob... |
50 |
*/ |
6144a85a0 maccess,probe_ker... |
51 |
|
f29c50419 maccess,probe_ker... |
52 |
long __weak probe_kernel_read(void *dst, const void *src, size_t size) |
6144a85a0 maccess,probe_ker... |
53 |
__attribute__((alias("__probe_kernel_read"))); |
75a1a607b uaccess: Add stri... |
54 55 |
long __weak probe_kernel_read_strict(void *dst, const void *src, size_t size) __attribute__((alias("__probe_kernel_read"))); |
f29c50419 maccess,probe_ker... |
56 |
long __probe_kernel_read(void *dst, const void *src, size_t size) |
c33fa9f56 uaccess: add prob... |
57 58 |
{ long ret; |
b4b8ac524 kgdb: fix optiona... |
59 |
mm_segment_t old_fs = get_fs(); |
c33fa9f56 uaccess: add prob... |
60 |
|
b4b8ac524 kgdb: fix optiona... |
61 |
set_fs(KERNEL_DS); |
3d7081822 uaccess: Add non-... |
62 |
ret = probe_read_common(dst, (__force const void __user *)src, size); |
b4b8ac524 kgdb: fix optiona... |
63 |
set_fs(old_fs); |
c33fa9f56 uaccess: add prob... |
64 |
|
3d7081822 uaccess: Add non-... |
65 |
return ret; |
c33fa9f56 uaccess: add prob... |
66 67 68 69 |
} EXPORT_SYMBOL_GPL(probe_kernel_read); /** |
3d7081822 uaccess: Add non-... |
70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 |
* probe_user_read(): safely attempt to read from a user-space location * @dst: pointer to the buffer that shall take the data * @src: address to read from. This must be a user address. * @size: size of the data chunk * * Safely read from user address @src to the buffer at @dst. If a kernel fault * happens, handle that and return -EFAULT. */ long __weak probe_user_read(void *dst, const void __user *src, size_t size) __attribute__((alias("__probe_user_read"))); long __probe_user_read(void *dst, const void __user *src, size_t size) { long ret = -EFAULT; mm_segment_t old_fs = get_fs(); set_fs(USER_DS); if (access_ok(src, size)) ret = probe_read_common(dst, src, size); set_fs(old_fs); return ret; } EXPORT_SYMBOL_GPL(probe_user_read); /** |
c33fa9f56 uaccess: add prob... |
97 98 99 100 101 102 103 104 |
* probe_kernel_write(): safely attempt to write to a location * @dst: address to write to * @src: pointer to the data that shall be written * @size: size of the data chunk * * Safely write to address @dst from the buffer at @src. If a kernel fault * happens, handle that and return -EFAULT. */ |
1d1585ca0 uaccess: Add non-... |
105 |
|
f29c50419 maccess,probe_ker... |
106 |
long __weak probe_kernel_write(void *dst, const void *src, size_t size) |
6144a85a0 maccess,probe_ker... |
107 |
__attribute__((alias("__probe_kernel_write"))); |
f29c50419 maccess,probe_ker... |
108 |
long __probe_kernel_write(void *dst, const void *src, size_t size) |
c33fa9f56 uaccess: add prob... |
109 110 |
{ long ret; |
b4b8ac524 kgdb: fix optiona... |
111 |
mm_segment_t old_fs = get_fs(); |
c33fa9f56 uaccess: add prob... |
112 |
|
b4b8ac524 kgdb: fix optiona... |
113 |
set_fs(KERNEL_DS); |
1d1585ca0 uaccess: Add non-... |
114 |
ret = probe_write_common((__force void __user *)dst, src, size); |
b4b8ac524 kgdb: fix optiona... |
115 |
set_fs(old_fs); |
c33fa9f56 uaccess: add prob... |
116 |
|
1d1585ca0 uaccess: Add non-... |
117 |
return ret; |
c33fa9f56 uaccess: add prob... |
118 119 |
} EXPORT_SYMBOL_GPL(probe_kernel_write); |
dbb7ee0e4 lib: move strncpy... |
120 |
|
1d1585ca0 uaccess: Add non-... |
121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 |
/** * probe_user_write(): safely attempt to write to a user-space location * @dst: address to write to * @src: pointer to the data that shall be written * @size: size of the data chunk * * Safely write to address @dst from the buffer at @src. If a kernel fault * happens, handle that and return -EFAULT. */ long __weak probe_user_write(void __user *dst, const void *src, size_t size) __attribute__((alias("__probe_user_write"))); long __probe_user_write(void __user *dst, const void *src, size_t size) { long ret = -EFAULT; mm_segment_t old_fs = get_fs(); set_fs(USER_DS); if (access_ok(dst, size)) ret = probe_write_common(dst, src, size); set_fs(old_fs); return ret; } EXPORT_SYMBOL_GPL(probe_user_write); |
3d7081822 uaccess: Add non-... |
147 |
|
dbb7ee0e4 lib: move strncpy... |
148 149 150 151 |
/** * strncpy_from_unsafe: - Copy a NUL terminated string from unsafe address. * @dst: Destination address, in kernel space. This buffer must be at * least @count bytes long. |
f144c390f mm: docs: fix par... |
152 |
* @unsafe_addr: Unsafe address. |
dbb7ee0e4 lib: move strncpy... |
153 154 155 156 157 158 159 160 161 162 163 |
* @count: Maximum number of bytes to copy, including the trailing NUL. * * Copies a NUL-terminated string from unsafe address to kernel buffer. * * On success, returns the length of the string INCLUDING the trailing NUL. * * If access fails, returns -EFAULT (some data may have been copied * and the trailing NUL added). * * If @count is smaller than the length of the string, copies @count-1 bytes, * sets the last byte of @dst buffer to NUL and returns @count. |
75a1a607b uaccess: Add stri... |
164 165 166 167 168 169 |
* * strncpy_from_unsafe_strict() is the same as strncpy_from_unsafe() except * for the case where architectures have non-overlapping user and kernel address * ranges: strncpy_from_unsafe_strict() will additionally return -EFAULT for * probing memory on a user address range where strncpy_from_unsafe_user() is * supposed to be used instead. |
dbb7ee0e4 lib: move strncpy... |
170 |
*/ |
75a1a607b uaccess: Add stri... |
171 172 173 174 175 176 177 178 179 |
long __weak strncpy_from_unsafe(char *dst, const void *unsafe_addr, long count) __attribute__((alias("__strncpy_from_unsafe"))); long __weak strncpy_from_unsafe_strict(char *dst, const void *unsafe_addr, long count) __attribute__((alias("__strncpy_from_unsafe"))); long __strncpy_from_unsafe(char *dst, const void *unsafe_addr, long count) |
dbb7ee0e4 lib: move strncpy... |
180 181 182 183 184 185 186 187 188 189 190 191 |
{ mm_segment_t old_fs = get_fs(); const void *src = unsafe_addr; long ret; if (unlikely(count <= 0)) return 0; set_fs(KERNEL_DS); pagefault_disable(); do { |
bd28b1459 x86: remove more ... |
192 |
ret = __get_user(*dst++, (const char __user __force *)src++); |
dbb7ee0e4 lib: move strncpy... |
193 194 195 196 197 |
} while (dst[-1] && ret == 0 && src - unsafe_addr < count); dst[-1] = '\0'; pagefault_enable(); set_fs(old_fs); |
9dd861d55 mm/maccess.c: act... |
198 |
return ret ? -EFAULT : src - unsafe_addr; |
dbb7ee0e4 lib: move strncpy... |
199 |
} |
3d7081822 uaccess: Add non-... |
200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 |
/** * strncpy_from_unsafe_user: - Copy a NUL terminated string from unsafe user * address. * @dst: Destination address, in kernel space. This buffer must be at * least @count bytes long. * @unsafe_addr: Unsafe user address. * @count: Maximum number of bytes to copy, including the trailing NUL. * * Copies a NUL-terminated string from unsafe user address to kernel buffer. * * On success, returns the length of the string INCLUDING the trailing NUL. * * If access fails, returns -EFAULT (some data may have been copied * and the trailing NUL added). * * If @count is smaller than the length of the string, copies @count-1 bytes, * sets the last byte of @dst buffer to NUL and returns @count. */ long strncpy_from_unsafe_user(char *dst, const void __user *unsafe_addr, long count) { mm_segment_t old_fs = get_fs(); long ret; if (unlikely(count <= 0)) return 0; set_fs(USER_DS); pagefault_disable(); ret = strncpy_from_user(dst, unsafe_addr, count); pagefault_enable(); set_fs(old_fs); if (ret >= count) { ret = count; dst[ret - 1] = '\0'; } else if (ret > 0) { ret++; } return ret; } /** * strnlen_unsafe_user: - Get the size of a user string INCLUDING final NUL. * @unsafe_addr: The string to measure. * @count: Maximum count (including NUL) * * Get the size of a NUL-terminated string in user space without pagefault. * * Returns the size of the string INCLUDING the terminating NUL. * * If the string is too long, returns a number larger than @count. User * has to check the return value against "> count". * On exception (or invalid count), returns 0. * * Unlike strnlen_user, this can be used from IRQ handler etc. because * it disables pagefaults. */ long strnlen_unsafe_user(const void __user *unsafe_addr, long count) { mm_segment_t old_fs = get_fs(); int ret; set_fs(USER_DS); pagefault_disable(); ret = strnlen_user(unsafe_addr, count); pagefault_enable(); set_fs(old_fs); return ret; } |