6 files changed, 105 insertions, 145 deletions
diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
index 8be5f54d9360..e0544597cfe7 100644
--- a/arch/x86/include/asm/uaccess.h
+++ b/arch/x86/include/asm/uaccess.h
@@ -557,6 +557,8 @@ struct __large_struct { unsigned long buf[100]; };
 extern unsigned long
 copy_from_user_nmi(void *to, const void __user *from, unsigned long n);
+extern __must_check long
+strncpy_from_user(char *dst, const char __user *src, long count);
 /*
 * movsl can be slow when source and dest are not both 8-byte aligned
diff --git a/arch/x86/include/asm/uaccess_32.h b/arch/x86/include/asm/uaccess_32.h
index 566e803cc602..8084bc73b18c 100644
--- a/arch/x86/include/asm/uaccess_32.h
+++ b/arch/x86/include/asm/uaccess_32.h
@@ -213,11 +213,6 @@ static inline unsigned long __must_check copy_from_user(void *to,
        return n;
 }
-long __must_check strncpy_from_user(char *dst, const char __user *src,
-                                    long count);
-long __must_check __strncpy_from_user(char *dst,
-                                      const char __user *src, long count);
 /**
 * strlen_user: - Get the size of a string in user space.
 * @str: The string to measure.
diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h
index 1c66d30971ad..fcd4b6f3ef02 100644
--- a/arch/x86/include/asm/uaccess_64.h
+++ b/arch/x86/include/asm/uaccess_64.h
@@ -208,10 +208,6 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size)
        }
 }
-__must_check long
-strncpy_from_user(char *dst, const char __user *src, long count);
-__must_check long
-__strncpy_from_user(char *dst, const char __user *src, long count);
 __must_check long strnlen_user(const char __user *str, long n);
 __must_check long __strnlen_user(const char __user *str, long n);
 __must_check long strlen_user(const char __user *str);
diff --git a/arch/x86/lib/usercopy.c b/arch/x86/lib/usercopy.c
index 97be9cb54483..57252c928f56 100644
--- a/arch/x86/lib/usercopy.c
+++ b/arch/x86/lib/usercopy.c
@@ -7,6 +7,8 @@
 #include <linux/highmem.h>
 #include <linux/module.h>
+#include <asm/word-at-a-time.h>
 /*
 * best effort, GUP based copy_from_user() that is NMI-safe
 */
@@ -41,3 +43,104 @@ copy_from_user_nmi(void *to, const void __user *from, unsigned long n)
        return len;
 }
 EXPORT_SYMBOL_GPL(copy_from_user_nmi);
+static inline unsigned long count_bytes(unsigned long mask)
+{
+        mask = (mask - 1) & ~mask;
+        mask >>= 7;
+        return count_masked_bytes(mask);
+}
+/*
+ * Do a strncpy, return length of string without final '\0'.
+ * 'count' is the user-supplied count (return 'count' if we
+ * hit it), 'max' is the address space maximum (and we return
+ * -EFAULT if we hit it).
+ */
+static inline long do_strncpy_from_user(char *dst, const char __user *src, long count, long max)
+{
+        long res = 0;
+        /*
+         * Truncate 'max' to the user-specified limit, so that
+         * we only have one limit we need to check in the loop
+         */
+        if (max > count)
+                max = count;
+        while (max >= sizeof(unsigned long)) {
+                unsigned long c;
+                /* Fall back to byte-at-a-time if we get a page fault */
+                if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
+                        break;
+                /* This can write a few bytes past the NUL character, but that's ok */
+                *(unsigned long *)(dst+res) = c;
+                c = has_zero(c);
+                if (c)
+                        return res + count_bytes(c);
+                res += sizeof(unsigned long);
+                max -= sizeof(unsigned long);
+        }
+        while (max) {
+                char c;
+                if (unlikely(__get_user(c,src+res)))
+                        return -EFAULT;
+                dst[res] = c;
+                if (!c)
+                        return res;
+                res++;
+                max--;
+        }
+        /*
+         * Uhhuh. We hit 'max'. But was that the user-specified maximum
+         * too? If so, that's ok - we got as much as the user asked for.
+         */
+        if (res >= count)
+                return count;
+        /*
+         * Nope: we hit the address space limit, and we still had more
+         * characters the caller would have wanted. That's an EFAULT.
+         */
+        return -EFAULT;
+}
+/**
+ * strncpy_from_user: - Copy a NUL terminated string from userspace.
+ * @dst:   Destination address, in kernel space.  This buffer must be at
+ *         least @count bytes long.
+ * @src:   Source address, in user space.
+ * @count: Maximum number of bytes to copy, including the trailing NUL.
+ *
+ * Copies a NUL-terminated string from userspace to kernel space.
+ *
+ * On success, returns the length of the string (not including the trailing
+ * NUL).
+ *
+ * If access to userspace fails, returns -EFAULT (some data may have been
+ * copied).
+ *
+ * If @count is smaller than the length of the string, copies @count bytes
+ * and returns @count.
+ */
+long
+strncpy_from_user(char *dst, const char __user *src, long count)
+{
+        unsigned long max_addr, src_addr;
+        if (unlikely(count <= 0))
+                return 0;
+        max_addr = current_thread_info()->addr_limit.seg;
+        src_addr = (unsigned long)src;
+        if (likely(src_addr < max_addr)) {
+                unsigned long max = max_addr - src_addr;
+                return do_strncpy_from_user(dst, src, count, max);
+        }
+        return -EFAULT;
+}
+EXPORT_SYMBOL(strncpy_from_user);
diff --git a/arch/x86/lib/usercopy_32.c b/arch/x86/lib/usercopy_32.c
index d9b094ca7aaa..ef2a6a5d78e3 100644
--- a/arch/x86/lib/usercopy_32.c
+++ b/arch/x86/lib/usercopy_32.c
@@ -33,93 +33,6 @@ static inline int __movsl_is_ok(unsigned long a1, unsigned long a2, unsigned lon
        __movsl_is_ok((unsigned long)(a1), (unsigned long)(a2), (n))
 /*
- * Copy a null terminated string from userspace.
- */
-#define __do_strncpy_from_user(dst, src, count, res)                       \
-do {                                                                       \
-        int __d0, __d1, __d2;                                              \
-        might_fault();                                                     \
-        __asm__ __volatile__(                                              \
-                "       testl %1,%1\n"                                     \
-                "       jz 2f\n"                                           \
-                "0:     lodsb\n"                                           \
-                "       stosb\n"                                           \
-                "       testb %%al,%%al\n"                                 \
-                "       jz 1f\n"                                           \
-                "       decl %1\n"                                         \
-                "       jnz 0b\n"                                          \
-                "1:     subl %1,%0\n"                                      \
-                "2:\n"                                                     \
-                ".section .fixup,\"ax\"\n"                                 \
-                "3:     movl %5,%0\n"                                      \
-                "       jmp 2b\n"                                          \
-                ".previous\n"                                              \
-                _ASM_EXTABLE(0b,3b)                                        \
-                : "=&d"(res), "=&c"(count), "=&a" (__d0), "=&S" (__d1),    \
-                  "=&D" (__d2)                                             \
-                : "i"(-EFAULT), "0"(count), "1"(count), "3"(src), "4"(dst) \
-                : "memory");                                               \
-} while (0)
-/**
- * __strncpy_from_user: - Copy a NUL terminated string from userspace, with less checking.
- * @dst:   Destination address, in kernel space.  This buffer must be at
- *         least @count bytes long.
- * @src:   Source address, in user space.
- * @count: Maximum number of bytes to copy, including the trailing NUL.
- *
- * Copies a NUL-terminated string from userspace to kernel space.
- * Caller must check the specified block with access_ok() before calling
- * this function.
- *
- * On success, returns the length of the string (not including the trailing
- * NUL).
- *
- * If access to userspace fails, returns -EFAULT (some data may have been
- * copied).
- *
- * If @count is smaller than the length of the string, copies @count bytes
- * and returns @count.
- */
-long
-__strncpy_from_user(char *dst, const char __user *src, long count)
-{
-        long res;
-        __do_strncpy_from_user(dst, src, count, res);
-        return res;
-}
-EXPORT_SYMBOL(__strncpy_from_user);
-/**
- * strncpy_from_user: - Copy a NUL terminated string from userspace.
- * @dst:   Destination address, in kernel space.  This buffer must be at
- *         least @count bytes long.
- * @src:   Source address, in user space.
- * @count: Maximum number of bytes to copy, including the trailing NUL.
- *
- * Copies a NUL-terminated string from userspace to kernel space.
- *
- * On success, returns the length of the string (not including the trailing
- * NUL).
- *
- * If access to userspace fails, returns -EFAULT (some data may have been
- * copied).
- *
- * If @count is smaller than the length of the string, copies @count bytes
- * and returns @count.
- */
-long
-strncpy_from_user(char *dst, const char __user *src, long count)
-{
-        long res = -EFAULT;
-        if (access_ok(VERIFY_READ, src, 1))
-                __do_strncpy_from_user(dst, src, count, res);
-        return res;
-}
-EXPORT_SYMBOL(strncpy_from_user);
-/*
 * Zero Userspace
 */
diff --git a/arch/x86/lib/usercopy_64.c b/arch/x86/lib/usercopy_64.c
index b7c2849ffb66..0d0326f388c0 100644
--- a/arch/x86/lib/usercopy_64.c
+++ b/arch/x86/lib/usercopy_64.c
@@ -9,55 +9,6 @@
 #include <asm/uaccess.h>
 /*
- * Copy a null terminated string from userspace.
- */
-#define __do_strncpy_from_user(dst,src,count,res)                          \
-do {                                                                       \
-        long __d0, __d1, __d2;                                             \
-        might_fault();                                                     \
-        __asm__ __volatile__(                                              \
-                "       testq %1,%1\n"                                     \
-                "       jz 2f\n"                                           \
-                "0:     lodsb\n"                                           \
-                "       stosb\n"                                           \
-                "       testb %%al,%%al\n"                                 \
-                "       jz 1f\n"                                           \
-                "       decq %1\n"                                         \
-                "       jnz 0b\n"                                          \
-                "1:     subq %1,%0\n"                                      \
-                "2:\n"                                                     \
-                ".section .fixup,\"ax\"\n"                                 \
-                "3:     movq %5,%0\n"                                      \
-                "       jmp 2b\n"                                          \
-                ".previous\n"                                              \
-                _ASM_EXTABLE(0b,3b)                                        \
-                : "=&r"(res), "=&c"(count), "=&a" (__d0), "=&S" (__d1),    \
-                  "=&D" (__d2)                                             \
-                : "i"(-EFAULT), "0"(count), "1"(count), "3"(src), "4"(dst) \
-                : "memory");                                               \
-} while (0)
-long
-__strncpy_from_user(char *dst, const char __user *src, long count)
-{
-        long res;
-        __do_strncpy_from_user(dst, src, count, res);
-        return res;
-}
-EXPORT_SYMBOL(__strncpy_from_user);
-long
-strncpy_from_user(char *dst, const char __user *src, long count)
-{
-        long res = -EFAULT;
-        if (access_ok(VERIFY_READ, src, 1))
-                return __strncpy_from_user(dst, src, count);
-        return res;
-}
-EXPORT_SYMBOL(strncpy_from_user);
-/*
 * Zero Userspace
 */

diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h index 8be5f54d9360..e0544597cfe7 100644 --- a/arch/x86/include/asm/uaccess.h +++ b/arch/x86/include/asm/uaccess.h
@@ -557,6 +557,8 @@ struct __large_struct { unsigned long buf[100]; };
557		557
558	extern unsigned long	558	extern unsigned long
559	copy_from_user_nmi(void to, const void __user from, unsigned long n);	559	copy_from_user_nmi(void to, const void __user from, unsigned long n);
		560	extern __must_check long
		561	strncpy_from_user(char dst, const char __user src, long count);
560		562
561	/*	563	/*
562	* movsl can be slow when source and dest are not both 8-byte aligned	564	* movsl can be slow when source and dest are not both 8-byte aligned


diff --git a/arch/x86/include/asm/uaccess_32.h b/arch/x86/include/asm/uaccess_32.h index 566e803cc602..8084bc73b18c 100644 --- a/arch/x86/include/asm/uaccess_32.h +++ b/arch/x86/include/asm/uaccess_32.h
@@ -213,11 +213,6 @@ static inline unsigned long __must_check copy_from_user(void *to,
213	return n;	213	return n;
214	}	214	}
215		215
216	long __must_check strncpy_from_user(char dst, const char __user src,
217	long count);
218	long __must_check __strncpy_from_user(char *dst,
219	const char __user *src, long count);
220
221	/**	216	/**
222	* strlen_user: - Get the size of a string in user space.	217	* strlen_user: - Get the size of a string in user space.
223	* @str: The string to measure.	218	* @str: The string to measure.


diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h index 1c66d30971ad..fcd4b6f3ef02 100644 --- a/arch/x86/include/asm/uaccess_64.h +++ b/arch/x86/include/asm/uaccess_64.h
@@ -208,10 +208,6 @@ int __copy_in_user(void __user dst, const void __user src, unsigned size)
208	}	208	}
209	}	209	}
210		210
211	__must_check long
212	strncpy_from_user(char dst, const char __user src, long count);
213	__must_check long
214	__strncpy_from_user(char dst, const char __user src, long count);
215	__must_check long strnlen_user(const char __user *str, long n);	211	__must_check long strnlen_user(const char __user *str, long n);
216	__must_check long __strnlen_user(const char __user *str, long n);	212	__must_check long __strnlen_user(const char __user *str, long n);
217	__must_check long strlen_user(const char __user *str);	213	__must_check long strlen_user(const char __user *str);


diff --git a/arch/x86/lib/usercopy.c b/arch/x86/lib/usercopy.c index 97be9cb54483..57252c928f56 100644 --- a/arch/x86/lib/usercopy.c +++ b/arch/x86/lib/usercopy.c
@@ -7,6 +7,8 @@
7	#include <linux/highmem.h>	7	#include <linux/highmem.h>
8	#include <linux/module.h>	8	#include <linux/module.h>
9		9
		10	#include <asm/word-at-a-time.h>
		11
10	/*	12	/*
11	* best effort, GUP based copy_from_user() that is NMI-safe	13	* best effort, GUP based copy_from_user() that is NMI-safe
12	*/	14	*/
@@ -41,3 +43,104 @@ copy_from_user_nmi(void to, const void __user from, unsigned long n)
41	return len;	43	return len;
42	}	44	}
43	EXPORT_SYMBOL_GPL(copy_from_user_nmi);	45	EXPORT_SYMBOL_GPL(copy_from_user_nmi);
		46
		47	static inline unsigned long count_bytes(unsigned long mask)
		48	{
		49	mask = (mask - 1) & ~mask;
		50	mask >>= 7;
		51	return count_masked_bytes(mask);
		52	}
		53
		54	/*
		55	* Do a strncpy, return length of string without final '\0'.
		56	* 'count' is the user-supplied count (return 'count' if we
		57	* hit it), 'max' is the address space maximum (and we return
		58	* -EFAULT if we hit it).
		59	*/
		60	static inline long do_strncpy_from_user(char dst, const char __user src, long count, long max)
		61	{
		62	long res = 0;
		63
		64	/*
		65	* Truncate 'max' to the user-specified limit, so that
		66	* we only have one limit we need to check in the loop
		67	*/
		68	if (max > count)
		69	max = count;
		70
		71	while (max >= sizeof(unsigned long)) {
		72	unsigned long c;
		73
		74	/* Fall back to byte-at-a-time if we get a page fault */
		75	if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
		76	break;
		77	/* This can write a few bytes past the NUL character, but that's ok */
		78	(unsigned long )(dst+res) = c;
		79	c = has_zero(c);
		80	if (c)
		81	return res + count_bytes(c);
		82	res += sizeof(unsigned long);
		83	max -= sizeof(unsigned long);
		84	}
		85
		86	while (max) {
		87	char c;
		88
		89	if (unlikely(__get_user(c,src+res)))
		90	return -EFAULT;
		91	dst[res] = c;
		92	if (!c)
		93	return res;
		94	res++;
		95	max--;
		96	}
		97
		98	/*
		99	* Uhhuh. We hit 'max'. But was that the user-specified maximum
		100	* too? If so, that's ok - we got as much as the user asked for.
		101	*/
		102	if (res >= count)
		103	return count;
		104
		105	/*
		106	* Nope: we hit the address space limit, and we still had more
		107	* characters the caller would have wanted. That's an EFAULT.
		108	*/
		109	return -EFAULT;
		110	}
		111
		112	/**
		113	* strncpy_from_user: - Copy a NUL terminated string from userspace.
		114	* @dst: Destination address, in kernel space. This buffer must be at
		115	* least @count bytes long.
		116	* @src: Source address, in user space.
		117	* @count: Maximum number of bytes to copy, including the trailing NUL.
		118	*
		119	* Copies a NUL-terminated string from userspace to kernel space.
		120	*
		121	* On success, returns the length of the string (not including the trailing
		122	* NUL).
		123	*
		124	* If access to userspace fails, returns -EFAULT (some data may have been
		125	* copied).
		126	*
		127	* If @count is smaller than the length of the string, copies @count bytes
		128	* and returns @count.
		129	*/
		130	long
		131	strncpy_from_user(char dst, const char __user src, long count)
		132	{
		133	unsigned long max_addr, src_addr;
		134
		135	if (unlikely(count <= 0))
		136	return 0;
		137
		138	max_addr = current_thread_info()->addr_limit.seg;
		139	src_addr = (unsigned long)src;
		140	if (likely(src_addr < max_addr)) {
		141	unsigned long max = max_addr - src_addr;
		142	return do_strncpy_from_user(dst, src, count, max);
		143	}
		144	return -EFAULT;
		145	}
		146	EXPORT_SYMBOL(strncpy_from_user);


diff --git a/arch/x86/lib/usercopy_32.c b/arch/x86/lib/usercopy_32.c index d9b094ca7aaa..ef2a6a5d78e3 100644 --- a/arch/x86/lib/usercopy_32.c +++ b/arch/x86/lib/usercopy_32.c
@@ -33,93 +33,6 @@ static inline int __movsl_is_ok(unsigned long a1, unsigned long a2, unsigned lon
33	__movsl_is_ok((unsigned long)(a1), (unsigned long)(a2), (n))	33	__movsl_is_ok((unsigned long)(a1), (unsigned long)(a2), (n))
34		34
35	/*	35	/*
36	* Copy a null terminated string from userspace.
37	*/
38
39	#define __do_strncpy_from_user(dst, src, count, res) \
40	do { \
41	int __d0, __d1, __d2; \
42	might_fault(); \
43	__asm__ __volatile__( \
44	" testl %1,%1\n" \
45	" jz 2f\n" \
46	"0: lodsb\n" \
47	" stosb\n" \
48	" testb %%al,%%al\n" \
49	" jz 1f\n" \
50	" decl %1\n" \
51	" jnz 0b\n" \
52	"1: subl %1,%0\n" \
53	"2:\n" \
54	".section .fixup,\"ax\"\n" \
55	"3: movl %5,%0\n" \
56	" jmp 2b\n" \
57	".previous\n" \
58	_ASM_EXTABLE(0b,3b) \
59	: "=&d"(res), "=&c"(count), "=&a" (__d0), "=&S" (__d1), \
60	"=&D" (__d2) \
61	: "i"(-EFAULT), "0"(count), "1"(count), "3"(src), "4"(dst) \
62	: "memory"); \
63	} while (0)
64
65	/**
66	* __strncpy_from_user: - Copy a NUL terminated string from userspace, with less checking.
67	* @dst: Destination address, in kernel space. This buffer must be at
68	* least @count bytes long.
69	* @src: Source address, in user space.
70	* @count: Maximum number of bytes to copy, including the trailing NUL.
71	*
72	* Copies a NUL-terminated string from userspace to kernel space.
73	* Caller must check the specified block with access_ok() before calling
74	* this function.
75	*
76	* On success, returns the length of the string (not including the trailing
77	* NUL).
78	*
79	* If access to userspace fails, returns -EFAULT (some data may have been
80	* copied).
81	*
82	* If @count is smaller than the length of the string, copies @count bytes
83	* and returns @count.
84	*/
85	long
86	__strncpy_from_user(char dst, const char __user src, long count)
87	{
88	long res;
89	__do_strncpy_from_user(dst, src, count, res);
90	return res;
91	}
92	EXPORT_SYMBOL(__strncpy_from_user);
93
94	/**
95	* strncpy_from_user: - Copy a NUL terminated string from userspace.
96	* @dst: Destination address, in kernel space. This buffer must be at
97	* least @count bytes long.
98	* @src: Source address, in user space.
99	* @count: Maximum number of bytes to copy, including the trailing NUL.
100	*
101	* Copies a NUL-terminated string from userspace to kernel space.
102	*
103	* On success, returns the length of the string (not including the trailing
104	* NUL).
105	*
106	* If access to userspace fails, returns -EFAULT (some data may have been
107	* copied).
108	*
109	* If @count is smaller than the length of the string, copies @count bytes
110	* and returns @count.
111	*/
112	long
113	strncpy_from_user(char dst, const char __user src, long count)
114	{
115	long res = -EFAULT;
116	if (access_ok(VERIFY_READ, src, 1))
117	__do_strncpy_from_user(dst, src, count, res);
118	return res;
119	}
120	EXPORT_SYMBOL(strncpy_from_user);
121
122	/*
123	* Zero Userspace	36	* Zero Userspace
124	*/	37	*/
125		38


diff --git a/arch/x86/lib/usercopy_64.c b/arch/x86/lib/usercopy_64.c index b7c2849ffb66..0d0326f388c0 100644 --- a/arch/x86/lib/usercopy_64.c +++ b/arch/x86/lib/usercopy_64.c
@@ -9,55 +9,6 @@
9	#include <asm/uaccess.h>	9	#include <asm/uaccess.h>
10		10
11	/*	11	/*
12	* Copy a null terminated string from userspace.
13	*/
14
15	#define __do_strncpy_from_user(dst,src,count,res) \
16	do { \
17	long __d0, __d1, __d2; \
18	might_fault(); \
19	__asm__ __volatile__( \
20	" testq %1,%1\n" \
21	" jz 2f\n" \
22	"0: lodsb\n" \
23	" stosb\n" \
24	" testb %%al,%%al\n" \
25	" jz 1f\n" \
26	" decq %1\n" \
27	" jnz 0b\n" \
28	"1: subq %1,%0\n" \
29	"2:\n" \
30	".section .fixup,\"ax\"\n" \
31	"3: movq %5,%0\n" \
32	" jmp 2b\n" \
33	".previous\n" \
34	_ASM_EXTABLE(0b,3b) \
35	: "=&r"(res), "=&c"(count), "=&a" (__d0), "=&S" (__d1), \
36	"=&D" (__d2) \
37	: "i"(-EFAULT), "0"(count), "1"(count), "3"(src), "4"(dst) \
38	: "memory"); \
39	} while (0)
40
41	long
42	__strncpy_from_user(char dst, const char __user src, long count)
43	{
44	long res;
45	__do_strncpy_from_user(dst, src, count, res);
46	return res;
47	}
48	EXPORT_SYMBOL(__strncpy_from_user);
49
50	long
51	strncpy_from_user(char dst, const char __user src, long count)
52	{
53	long res = -EFAULT;
54	if (access_ok(VERIFY_READ, src, 1))
55	return __strncpy_from_user(dst, src, count);
56	return res;
57	}
58	EXPORT_SYMBOL(strncpy_from_user);
59
60	/*
61	* Zero Userspace	12	* Zero Userspace
62	*/	13	*/
63		14