8 files changed, 136 insertions, 198 deletions
diff --git a/arch/sparc/include/asm/uaccess.h b/arch/sparc/include/asm/uaccess.h
index e88fbe5c0457..42a28cfd941f 100644
--- a/arch/sparc/include/asm/uaccess.h
+++ b/arch/sparc/include/asm/uaccess.h
@@ -5,4 +5,7 @@
 #else
 #include <asm/uaccess_32.h>
 #endif
+extern long strncpy_from_user(char *dest, const char __user *src, long count);
 #endif
diff --git a/arch/sparc/include/asm/uaccess_32.h b/arch/sparc/include/asm/uaccess_32.h
index d50c310f5d38..59586b57ef1a 100644
--- a/arch/sparc/include/asm/uaccess_32.h
+++ b/arch/sparc/include/asm/uaccess_32.h
@@ -304,16 +304,6 @@ static inline unsigned long clear_user(void __user *addr, unsigned long n)
                return n;
 }
-extern long __strncpy_from_user(char *dest, const char __user *src, long count);
-static inline long strncpy_from_user(char *dest, const char __user *src, long count)
-{
-        if (__access_ok((unsigned long) src, count))
-                return __strncpy_from_user(dest, src, count);
-        else
-                return -EFAULT;
-}
 extern long __strlen_user(const char __user *);
 extern long __strnlen_user(const char __user *, long len);
diff --git a/arch/sparc/include/asm/uaccess_64.h b/arch/sparc/include/asm/uaccess_64.h
index a1091afb8831..dcdfb89cbf3f 100644
--- a/arch/sparc/include/asm/uaccess_64.h
+++ b/arch/sparc/include/asm/uaccess_64.h
@@ -257,10 +257,6 @@ extern unsigned long __must_check __clear_user(void __user *, unsigned long);
 #define clear_user __clear_user
-extern long __must_check __strncpy_from_user(char *dest, const char __user *src, long count);
-#define strncpy_from_user __strncpy_from_user
 extern long __strlen_user(const char __user *);
 extern long __strnlen_user(const char __user *, long len);
diff --git a/arch/sparc/lib/Makefile b/arch/sparc/lib/Makefile
index 389628f50a15..943d98dc4cdb 100644
--- a/arch/sparc/lib/Makefile
+++ b/arch/sparc/lib/Makefile
@@ -10,7 +10,7 @@ lib-y                 += strlen.o
 lib-y                 += checksum_$(BITS).o
 lib-$(CONFIG_SPARC32) += blockops.o
 lib-y                 += memscan_$(BITS).o memcmp.o strncmp_$(BITS).o
-lib-y                 += strncpy_from_user_$(BITS).o strlen_user_$(BITS).o
+lib-y                 += strlen_user_$(BITS).o
 lib-$(CONFIG_SPARC32) += divdi3.o udivdi3.o
 lib-$(CONFIG_SPARC32) += copy_user.o locks.o
 lib-$(CONFIG_SPARC64) += atomic_64.o
diff --git a/arch/sparc/lib/ksyms.c b/arch/sparc/lib/ksyms.c
index 2dc30875c8bc..6b278abdb63d 100644
--- a/arch/sparc/lib/ksyms.c
+++ b/arch/sparc/lib/ksyms.c
@@ -33,9 +33,6 @@ EXPORT_SYMBOL(memset);
 EXPORT_SYMBOL(memmove);
 EXPORT_SYMBOL(__bzero);
-/* Moving data to/from/in userspace. */
-EXPORT_SYMBOL(__strncpy_from_user);
 /* Networking helper routines. */
 EXPORT_SYMBOL(csum_partial);
diff --git a/arch/sparc/lib/strncpy_from_user_32.S b/arch/sparc/lib/strncpy_from_user_32.S
deleted file mode 100644
index db0ed2964bdb..000000000000
--- a/arch/sparc/lib/strncpy_from_user_32.S
+++ /dev/null
@@ -1,47 +0,0 @@
-/* strncpy_from_user.S: Sparc strncpy from userspace.
- *
- *  Copyright(C) 1996 David S. Miller
- */
-#include <linux/linkage.h>
-#include <asm/ptrace.h>
-#include <asm/errno.h>
-        .text
-        /* Must return:
-         *
-         * -EFAULT              for an exception
-         * count                if we hit the buffer limit
-         * bytes copied         if we hit a null byte
-         */
-ENTRY(__strncpy_from_user)
-        /* %o0=dest, %o1=src, %o2=count */
-        mov     %o2, %o3
-1:
-        subcc   %o2, 1, %o2
-        bneg    2f
-         nop
-10:
-        ldub    [%o1], %o4
-        add     %o0, 1, %o0
-        cmp     %o4, 0
-        add     %o1, 1, %o1
-        bne     1b
-         stb    %o4, [%o0 - 1]
-2:
-        add     %o2, 1, %o0
-        retl
-         sub    %o3, %o0, %o0
-ENDPROC(__strncpy_from_user)
-        .section .fixup,#alloc,#execinstr
-        .align  4
-4:
-        retl
-         mov    -EFAULT, %o0
-        .section __ex_table,#alloc
-        .align  4
-        .word   10b, 4b
diff --git a/arch/sparc/lib/strncpy_from_user_64.S b/arch/sparc/lib/strncpy_from_user_64.S
deleted file mode 100644
index d1246b713077..000000000000
--- a/arch/sparc/lib/strncpy_from_user_64.S
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * strncpy_from_user.S: Sparc64 strncpy from userspace.
- *
- *  Copyright (C) 1997, 1999 Jakub Jelinek (jj@ultra.linux.cz)
- */
-#include <linux/linkage.h>
-#include <asm/asi.h>
-#include <asm/errno.h>
-        .data
-        .align  8
-0:      .xword  0x0101010101010101
-        .text
-        /* Must return:
-         *
-         * -EFAULT              for an exception
-         * count                if we hit the buffer limit
-         * bytes copied         if we hit a null byte
-         * (without the null byte)
-         *
-         * This implementation assumes:
-         * %o1 is 8 aligned => !(%o2 & 7)
-         * %o0 is 8 aligned (if not, it will be slooooow, but will work)
-         *
-         * This is optimized for the common case:
-         * in my stats, 90% of src are 8 aligned (even on sparc32)
-         * and average length is 18 or so.
-         */
-ENTRY(__strncpy_from_user)
-        /* %o0=dest, %o1=src, %o2=count */
-        andcc   %o1, 7, %g0             ! IEU1  Group
-        bne,pn  %icc, 30f               ! CTI
-         add    %o0, %o2, %g3           ! IEU0
-60:     ldxa    [%o1] %asi, %g1         ! Load  Group
-        brlez,pn %o2, 10f               ! CTI
-         mov    %o0, %o3                ! IEU0
-50:     sethi   %hi(0b), %o4            ! IEU0  Group
-        ldx     [%o4 + %lo(0b)], %o4    ! Load
-        sllx    %o4, 7, %o5             ! IEU1  Group
-1:      sub     %g1, %o4, %g2           ! IEU0  Group
-        stx     %g1, [%o0]              ! Store
-        add     %o0, 8, %o0             ! IEU1
-        andcc   %g2, %o5, %g0           ! IEU1  Group
-        bne,pn  %xcc, 5f                ! CTI
-         add    %o1, 8, %o1             ! IEU0
-        cmp     %o0, %g3                ! IEU1  Group
-        bl,a,pt %xcc, 1b                ! CTI
-61:      ldxa   [%o1] %asi, %g1         ! Load
-10:     retl                            ! CTI   Group
-         mov    %o2, %o0                ! IEU0
-5:      srlx    %g2, 32, %g7            ! IEU0  Group
-        sethi   %hi(0xff00), %o4        ! IEU1
-        andcc   %g7, %o5, %g0           ! IEU1  Group
-        be,pn   %icc, 2f                ! CTI
-         or     %o4, %lo(0xff00), %o4   ! IEU0
-        srlx    %g1, 48, %g7            ! IEU0  Group
-        andcc   %g7, %o4, %g0           ! IEU1  Group
-        be,pn   %icc, 50f               ! CTI
-         andcc  %g7, 0xff, %g0          ! IEU1  Group
-        be,pn   %icc, 51f               ! CTI
-         srlx   %g1, 32, %g7            ! IEU0
-        andcc   %g7, %o4, %g0           ! IEU1  Group
-        be,pn   %icc, 52f               ! CTI
-         andcc  %g7, 0xff, %g0          ! IEU1  Group
-        be,pn   %icc, 53f               ! CTI
-2:       andcc  %g2, %o5, %g0           ! IEU1  Group
-        be,pn   %icc, 2f                ! CTI
-         srl    %g1, 16, %g7            ! IEU0
-        andcc   %g7, %o4, %g0           ! IEU1  Group
-        be,pn   %icc, 54f               ! CTI
-         andcc  %g7, 0xff, %g0          ! IEU1  Group
-        be,pn   %icc, 55f               ! CTI
-         andcc  %g1, %o4, %g0           ! IEU1  Group
-        be,pn   %icc, 56f               ! CTI
-         andcc  %g1, 0xff, %g0          ! IEU1  Group
-        be,a,pn %icc, 57f               ! CTI
-         sub    %o0, %o3, %o0           ! IEU0
-2:      cmp     %o0, %g3                ! IEU1  Group
-        bl,a,pt %xcc, 50b               ! CTI
-62:      ldxa   [%o1] %asi, %g1         ! Load
-        retl                            ! CTI   Group
-         mov    %o2, %o0                ! IEU0
-50:     sub     %o0, %o3, %o0
-        retl
-         sub    %o0, 8, %o0
-51:     sub     %o0, %o3, %o0
-        retl
-         sub    %o0, 7, %o0
-52:     sub     %o0, %o3, %o0
-        retl
-         sub    %o0, 6, %o0
-53:     sub     %o0, %o3, %o0
-        retl
-         sub    %o0, 5, %o0
-54:     sub     %o0, %o3, %o0
-        retl
-         sub    %o0, 4, %o0
-55:     sub     %o0, %o3, %o0
-        retl
-         sub    %o0, 3, %o0
-56:     sub     %o0, %o3, %o0
-        retl
-         sub    %o0, 2, %o0
-57:     retl
-         sub    %o0, 1, %o0
-30:     brlez,pn %o2, 3f
-         sub    %g0, %o2, %o3
-        add     %o0, %o2, %o0
-63:     lduba   [%o1] %asi, %o4
-1:      add     %o1, 1, %o1
-        brz,pn  %o4, 2f
-         stb    %o4, [%o0 + %o3]
-        addcc   %o3, 1, %o3
-        bne,pt  %xcc, 1b
-64:      lduba  [%o1] %asi, %o4
-3:      retl
-         mov    %o2, %o0
-2:      retl
-         add    %o2, %o3, %o0
-ENDPROC(__strncpy_from_user)
-        .section __ex_table,"a"
-        .align  4
-        .word   60b, __retl_efault
-        .word   61b, __retl_efault
-        .word   62b, __retl_efault
-        .word   63b, __retl_efault
-        .word   64b, __retl_efault
-        .previous
diff --git a/arch/sparc/lib/usercopy.c b/arch/sparc/lib/usercopy.c
index 14b363fec8a2..851cb75ce189 100644
--- a/arch/sparc/lib/usercopy.c
+++ b/arch/sparc/lib/usercopy.c
@@ -1,4 +1,6 @@
 #include <linux/module.h>
+#include <linux/uaccess.h>
+#include <linux/errno.h>
 #include <linux/bug.h>
 void copy_from_user_overflow(void)
@@ -6,3 +8,133 @@ void copy_from_user_overflow(void)
        WARN(1, "Buffer overflow detected!\n");
 }
 EXPORT_SYMBOL(copy_from_user_overflow);
+#define REPEAT_BYTE(x)  ((~0ul / 0xff) * (x))
+/* Return the high bit set in the first byte that is a zero */
+static inline unsigned long has_zero(unsigned long a)
+{
+        return ((a - REPEAT_BYTE(0x01)) & ~a) & REPEAT_BYTE(0x80);
+}
+static inline long find_zero(unsigned long c)
+{
+#ifdef CONFIG_64BIT
+        if (!(c & 0xff00000000000000UL))
+                return 0;
+        if (!(c & 0x00ff000000000000UL))
+                return 1;
+        if (!(c & 0x0000ff0000000000UL))
+                return 2;
+        if (!(c & 0x000000ff00000000UL))
+                return 3;
+#define __OFF 4
+#else
+#define __OFF 0
+#endif
+        if (!(c & 0xff000000))
+                return __OFF + 0;
+        if (!(c & 0x00ff0000))
+                return __OFF + 1;
+        if (!(c & 0x0000ff00))
+                return __OFF + 2;
+        return __OFF + 3;
+#undef __OFF
+}
+/*
+ * Do a strncpy, return length of string without final '\0'.
+ * 'count' is the user-supplied count (return 'count' if we
+ * hit it), 'max' is the address space maximum (and we return
+ * -EFAULT if we hit it).
+ */
+static inline long do_strncpy_from_user(char *dst, const char __user *src, long count, unsigned long max)
+{
+        long res = 0;
+        /*
+         * Truncate 'max' to the user-specified limit, so that
+         * we only have one limit we need to check in the loop
+         */
+        if (max > count)
+                max = count;
+        if (((long) dst | (long) src) & (sizeof(long) - 1))
+                goto byte_at_a_time;
+        while (max >= sizeof(unsigned long)) {
+                unsigned long c;
+                /* Fall back to byte-at-a-time if we get a page fault */
+                if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
+                        break;
+                *(unsigned long *)(dst+res) = c;
+                if (has_zero(c))
+                        return res + find_zero(c);
+                res += sizeof(unsigned long);
+                max -= sizeof(unsigned long);
+        }
+byte_at_a_time:
+        while (max) {
+                char c;
+                if (unlikely(__get_user(c,src+res)))
+                        return -EFAULT;
+                dst[res] = c;
+                if (!c)
+                        return res;
+                res++;
+                max--;
+        }
+        /*
+         * Uhhuh. We hit 'max'. But was that the user-specified maximum
+         * too? If so, that's ok - we got as much as the user asked for.
+         */
+        if (res >= count)
+                return res;
+        /*
+         * Nope: we hit the address space limit, and we still had more
+         * characters the caller would have wanted. That's an EFAULT.
+         */
+        return -EFAULT;
+}
+/**
+ * strncpy_from_user: - Copy a NUL terminated string from userspace.
+ * @dst:   Destination address, in kernel space.  This buffer must be at
+ *         least @count bytes long.
+ * @src:   Source address, in user space.
+ * @count: Maximum number of bytes to copy, including the trailing NUL.
+ *
+ * Copies a NUL-terminated string from userspace to kernel space.
+ *
+ * On success, returns the length of the string (not including the trailing
+ * NUL).
+ *
+ * If access to userspace fails, returns -EFAULT (some data may have been
+ * copied).
+ *
+ * If @count is smaller than the length of the string, copies @count bytes
+ * and returns @count.
+ */
+long strncpy_from_user(char *dst, const char __user *src, long count)
+{
+        unsigned long max_addr, src_addr;
+        if (unlikely(count <= 0))
+                return 0;
+        max_addr = ~0UL;
+        if (likely(segment_eq(get_fs(), USER_DS)))
+                max_addr = STACK_TOP;
+        src_addr = (unsigned long)src;
+        if (likely(src_addr < max_addr)) {
+                unsigned long max = max_addr - src_addr;
+                return do_strncpy_from_user(dst, src, count, max);
+        }
+        return -EFAULT;
+}
+EXPORT_SYMBOL(strncpy_from_user);

diff --git a/arch/sparc/include/asm/uaccess.h b/arch/sparc/include/asm/uaccess.h index e88fbe5c0457..42a28cfd941f 100644 --- a/arch/sparc/include/asm/uaccess.h +++ b/arch/sparc/include/asm/uaccess.h
@@ -5,4 +5,7 @@
5	#else	5	#else
6	#include <asm/uaccess_32.h>	6	#include <asm/uaccess_32.h>
7	#endif	7	#endif
		8
		9	extern long strncpy_from_user(char dest, const char __user src, long count);
		10
8	#endif	11	#endif


diff --git a/arch/sparc/include/asm/uaccess_32.h b/arch/sparc/include/asm/uaccess_32.h index d50c310f5d38..59586b57ef1a 100644 --- a/arch/sparc/include/asm/uaccess_32.h +++ b/arch/sparc/include/asm/uaccess_32.h
@@ -304,16 +304,6 @@ static inline unsigned long clear_user(void __user *addr, unsigned long n)
304	return n;	304	return n;
305	}	305	}
306		306
307	extern long __strncpy_from_user(char dest, const char __user src, long count);
308
309	static inline long strncpy_from_user(char dest, const char __user src, long count)
310	{
311	if (__access_ok((unsigned long) src, count))
312	return __strncpy_from_user(dest, src, count);
313	else
314	return -EFAULT;
315	}
316
317	extern long __strlen_user(const char __user *);	307	extern long __strlen_user(const char __user *);
318	extern long __strnlen_user(const char __user *, long len);	308	extern long __strnlen_user(const char __user *, long len);
319		309


diff --git a/arch/sparc/include/asm/uaccess_64.h b/arch/sparc/include/asm/uaccess_64.h index a1091afb8831..dcdfb89cbf3f 100644 --- a/arch/sparc/include/asm/uaccess_64.h +++ b/arch/sparc/include/asm/uaccess_64.h
@@ -257,10 +257,6 @@ extern unsigned long __must_check __clear_user(void __user *, unsigned long);
257		257
258	#define clear_user __clear_user	258	#define clear_user __clear_user
259		259
260	extern long __must_check __strncpy_from_user(char dest, const char __user src, long count);
261
262	#define strncpy_from_user __strncpy_from_user
263
264	extern long __strlen_user(const char __user *);	260	extern long __strlen_user(const char __user *);
265	extern long __strnlen_user(const char __user *, long len);	261	extern long __strnlen_user(const char __user *, long len);
266		262


diff --git a/arch/sparc/lib/Makefile b/arch/sparc/lib/Makefile index 389628f50a15..943d98dc4cdb 100644 --- a/arch/sparc/lib/Makefile +++ b/arch/sparc/lib/Makefile
@@ -10,7 +10,7 @@ lib-y += strlen.o
10	lib-y += checksum_$(BITS).o	10	lib-y += checksum_$(BITS).o
11	lib-$(CONFIG_SPARC32) += blockops.o	11	lib-$(CONFIG_SPARC32) += blockops.o
12	lib-y += memscan_$(BITS).o memcmp.o strncmp_$(BITS).o	12	lib-y += memscan_$(BITS).o memcmp.o strncmp_$(BITS).o
13	lib-y += strncpy_from_user_$(BITS).o strlen_user_$(BITS).o	13	lib-y += strlen_user_$(BITS).o
14	lib-$(CONFIG_SPARC32) += divdi3.o udivdi3.o	14	lib-$(CONFIG_SPARC32) += divdi3.o udivdi3.o
15	lib-$(CONFIG_SPARC32) += copy_user.o locks.o	15	lib-$(CONFIG_SPARC32) += copy_user.o locks.o
16	lib-$(CONFIG_SPARC64) += atomic_64.o	16	lib-$(CONFIG_SPARC64) += atomic_64.o


diff --git a/arch/sparc/lib/ksyms.c b/arch/sparc/lib/ksyms.c index 2dc30875c8bc..6b278abdb63d 100644 --- a/arch/sparc/lib/ksyms.c +++ b/arch/sparc/lib/ksyms.c
@@ -33,9 +33,6 @@ EXPORT_SYMBOL(memset);
33	EXPORT_SYMBOL(memmove);	33	EXPORT_SYMBOL(memmove);
34	EXPORT_SYMBOL(__bzero);	34	EXPORT_SYMBOL(__bzero);
35		35
36	/* Moving data to/from/in userspace. */
37	EXPORT_SYMBOL(__strncpy_from_user);
38
39	/* Networking helper routines. */	36	/* Networking helper routines. */
40	EXPORT_SYMBOL(csum_partial);	37	EXPORT_SYMBOL(csum_partial);
41		38


diff --git a/arch/sparc/lib/strncpy_from_user_32.S b/arch/sparc/lib/strncpy_from_user_32.S deleted file mode 100644 index db0ed2964bdb..000000000000 --- a/arch/sparc/lib/strncpy_from_user_32.S +++ /dev/null
@@ -1,47 +0,0 @@
1	/* strncpy_from_user.S: Sparc strncpy from userspace.
2	*
3	* Copyright(C) 1996 David S. Miller
4	*/
5
6	#include <linux/linkage.h>
7	#include <asm/ptrace.h>
8	#include <asm/errno.h>
9
10	.text
11
12	/* Must return:
13	*
14	* -EFAULT for an exception
15	* count if we hit the buffer limit
16	* bytes copied if we hit a null byte
17	*/
18
19	ENTRY(__strncpy_from_user)
20	/* %o0=dest, %o1=src, %o2=count */
21	mov %o2, %o3
22	1:
23	subcc %o2, 1, %o2
24	bneg 2f
25	nop
26	10:
27	ldub [%o1], %o4
28	add %o0, 1, %o0
29	cmp %o4, 0
30	add %o1, 1, %o1
31	bne 1b
32	stb %o4, [%o0 - 1]
33	2:
34	add %o2, 1, %o0
35	retl
36	sub %o3, %o0, %o0
37	ENDPROC(__strncpy_from_user)
38
39	.section .fixup,#alloc,#execinstr
40	.align 4
41	4:
42	retl
43	mov -EFAULT, %o0
44
45	.section __ex_table,#alloc
46	.align 4
47	.word 10b, 4b


diff --git a/arch/sparc/lib/strncpy_from_user_64.S b/arch/sparc/lib/strncpy_from_user_64.S deleted file mode 100644 index d1246b713077..000000000000 --- a/arch/sparc/lib/strncpy_from_user_64.S +++ /dev/null
@@ -1,133 +0,0 @@
1	/*
2	* strncpy_from_user.S: Sparc64 strncpy from userspace.
3	*
4	* Copyright (C) 1997, 1999 Jakub Jelinek (jj@ultra.linux.cz)
5	*/
6
7	#include <linux/linkage.h>
8	#include <asm/asi.h>
9	#include <asm/errno.h>
10
11	.data
12	.align 8
13	0: .xword 0x0101010101010101
14
15	.text
16
17	/* Must return:
18	*
19	* -EFAULT for an exception
20	* count if we hit the buffer limit
21	* bytes copied if we hit a null byte
22	* (without the null byte)
23	*
24	* This implementation assumes:
25	* %o1 is 8 aligned => !(%o2 & 7)
26	* %o0 is 8 aligned (if not, it will be slooooow, but will work)
27	*
28	* This is optimized for the common case:
29	* in my stats, 90% of src are 8 aligned (even on sparc32)
30	* and average length is 18 or so.
31	*/
32
33	ENTRY(__strncpy_from_user)
34	/* %o0=dest, %o1=src, %o2=count */
35	andcc %o1, 7, %g0 ! IEU1 Group
36	bne,pn %icc, 30f ! CTI
37	add %o0, %o2, %g3 ! IEU0
38	60: ldxa [%o1] %asi, %g1 ! Load Group
39	brlez,pn %o2, 10f ! CTI
40	mov %o0, %o3 ! IEU0
41	50: sethi %hi(0b), %o4 ! IEU0 Group
42	ldx [%o4 + %lo(0b)], %o4 ! Load
43	sllx %o4, 7, %o5 ! IEU1 Group
44	1: sub %g1, %o4, %g2 ! IEU0 Group
45	stx %g1, [%o0] ! Store
46	add %o0, 8, %o0 ! IEU1
47	andcc %g2, %o5, %g0 ! IEU1 Group
48	bne,pn %xcc, 5f ! CTI
49	add %o1, 8, %o1 ! IEU0
50	cmp %o0, %g3 ! IEU1 Group
51	bl,a,pt %xcc, 1b ! CTI
52	61: ldxa [%o1] %asi, %g1 ! Load
53	10: retl ! CTI Group
54	mov %o2, %o0 ! IEU0
55	5: srlx %g2, 32, %g7 ! IEU0 Group
56	sethi %hi(0xff00), %o4 ! IEU1
57	andcc %g7, %o5, %g0 ! IEU1 Group
58	be,pn %icc, 2f ! CTI
59	or %o4, %lo(0xff00), %o4 ! IEU0
60	srlx %g1, 48, %g7 ! IEU0 Group
61	andcc %g7, %o4, %g0 ! IEU1 Group
62	be,pn %icc, 50f ! CTI
63	andcc %g7, 0xff, %g0 ! IEU1 Group
64	be,pn %icc, 51f ! CTI
65	srlx %g1, 32, %g7 ! IEU0
66	andcc %g7, %o4, %g0 ! IEU1 Group
67	be,pn %icc, 52f ! CTI
68	andcc %g7, 0xff, %g0 ! IEU1 Group
69	be,pn %icc, 53f ! CTI
70	2: andcc %g2, %o5, %g0 ! IEU1 Group
71	be,pn %icc, 2f ! CTI
72	srl %g1, 16, %g7 ! IEU0
73	andcc %g7, %o4, %g0 ! IEU1 Group
74	be,pn %icc, 54f ! CTI
75	andcc %g7, 0xff, %g0 ! IEU1 Group
76	be,pn %icc, 55f ! CTI
77	andcc %g1, %o4, %g0 ! IEU1 Group
78	be,pn %icc, 56f ! CTI
79	andcc %g1, 0xff, %g0 ! IEU1 Group
80	be,a,pn %icc, 57f ! CTI
81	sub %o0, %o3, %o0 ! IEU0
82	2: cmp %o0, %g3 ! IEU1 Group
83	bl,a,pt %xcc, 50b ! CTI
84	62: ldxa [%o1] %asi, %g1 ! Load
85	retl ! CTI Group
86	mov %o2, %o0 ! IEU0
87	50: sub %o0, %o3, %o0
88	retl
89	sub %o0, 8, %o0
90	51: sub %o0, %o3, %o0
91	retl
92	sub %o0, 7, %o0
93	52: sub %o0, %o3, %o0
94	retl
95	sub %o0, 6, %o0
96	53: sub %o0, %o3, %o0
97	retl
98	sub %o0, 5, %o0
99	54: sub %o0, %o3, %o0
100	retl
101	sub %o0, 4, %o0
102	55: sub %o0, %o3, %o0
103	retl
104	sub %o0, 3, %o0
105	56: sub %o0, %o3, %o0
106	retl
107	sub %o0, 2, %o0
108	57: retl
109	sub %o0, 1, %o0
110	30: brlez,pn %o2, 3f
111	sub %g0, %o2, %o3
112	add %o0, %o2, %o0
113	63: lduba [%o1] %asi, %o4
114	1: add %o1, 1, %o1
115	brz,pn %o4, 2f
116	stb %o4, [%o0 + %o3]
117	addcc %o3, 1, %o3
118	bne,pt %xcc, 1b
119	64: lduba [%o1] %asi, %o4
120	3: retl
121	mov %o2, %o0
122	2: retl
123	add %o2, %o3, %o0
124	ENDPROC(__strncpy_from_user)
125
126	.section __ex_table,"a"
127	.align 4
128	.word 60b, __retl_efault
129	.word 61b, __retl_efault
130	.word 62b, __retl_efault
131	.word 63b, __retl_efault
132	.word 64b, __retl_efault
133	.previous


diff --git a/arch/sparc/lib/usercopy.c b/arch/sparc/lib/usercopy.c index 14b363fec8a2..851cb75ce189 100644 --- a/arch/sparc/lib/usercopy.c +++ b/arch/sparc/lib/usercopy.c
@@ -1,4 +1,6 @@
1	#include <linux/module.h>	1	#include <linux/module.h>
		2	#include <linux/uaccess.h>
		3	#include <linux/errno.h>
2	#include <linux/bug.h>	4	#include <linux/bug.h>
3		5
4	void copy_from_user_overflow(void)	6	void copy_from_user_overflow(void)
@@ -6,3 +8,133 @@ void copy_from_user_overflow(void)
6	WARN(1, "Buffer overflow detected!\n");	8	WARN(1, "Buffer overflow detected!\n");
7	}	9	}
8	EXPORT_SYMBOL(copy_from_user_overflow);	10	EXPORT_SYMBOL(copy_from_user_overflow);
		11
		12	#define REPEAT_BYTE(x) ((~0ul / 0xff) * (x))
		13
		14	/* Return the high bit set in the first byte that is a zero */
		15	static inline unsigned long has_zero(unsigned long a)
		16	{
		17	return ((a - REPEAT_BYTE(0x01)) & ~a) & REPEAT_BYTE(0x80);
		18	}
		19
		20	static inline long find_zero(unsigned long c)
		21	{
		22	#ifdef CONFIG_64BIT
		23	if (!(c & 0xff00000000000000UL))
		24	return 0;
		25	if (!(c & 0x00ff000000000000UL))
		26	return 1;
		27	if (!(c & 0x0000ff0000000000UL))
		28	return 2;
		29	if (!(c & 0x000000ff00000000UL))
		30	return 3;
		31	#define __OFF 4
		32	#else
		33	#define __OFF 0
		34	#endif
		35	if (!(c & 0xff000000))
		36	return __OFF + 0;
		37	if (!(c & 0x00ff0000))
		38	return __OFF + 1;
		39	if (!(c & 0x0000ff00))
		40	return __OFF + 2;
		41	return __OFF + 3;
		42	#undef __OFF
		43	}
		44
		45	/*
		46	* Do a strncpy, return length of string without final '\0'.
		47	* 'count' is the user-supplied count (return 'count' if we
		48	* hit it), 'max' is the address space maximum (and we return
		49	* -EFAULT if we hit it).
		50	*/
		51	static inline long do_strncpy_from_user(char dst, const char __user src, long count, unsigned long max)
		52	{
		53	long res = 0;
		54
		55	/*
		56	* Truncate 'max' to the user-specified limit, so that
		57	* we only have one limit we need to check in the loop
		58	*/
		59	if (max > count)
		60	max = count;
		61
		62	if (((long) dst \| (long) src) & (sizeof(long) - 1))
		63	goto byte_at_a_time;
		64
		65	while (max >= sizeof(unsigned long)) {
		66	unsigned long c;
		67
		68	/* Fall back to byte-at-a-time if we get a page fault */
		69	if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
		70	break;
		71	(unsigned long )(dst+res) = c;
		72	if (has_zero(c))
		73	return res + find_zero(c);
		74	res += sizeof(unsigned long);
		75	max -= sizeof(unsigned long);
		76	}
		77
		78	byte_at_a_time:
		79	while (max) {
		80	char c;
		81
		82	if (unlikely(__get_user(c,src+res)))
		83	return -EFAULT;
		84	dst[res] = c;
		85	if (!c)
		86	return res;
		87	res++;
		88	max--;
		89	}
		90
		91	/*
		92	* Uhhuh. We hit 'max'. But was that the user-specified maximum
		93	* too? If so, that's ok - we got as much as the user asked for.
		94	*/
		95	if (res >= count)
		96	return res;
		97
		98	/*
		99	* Nope: we hit the address space limit, and we still had more
		100	* characters the caller would have wanted. That's an EFAULT.
		101	*/
		102	return -EFAULT;
		103	}
		104
		105	/**
		106	* strncpy_from_user: - Copy a NUL terminated string from userspace.
		107	* @dst: Destination address, in kernel space. This buffer must be at
		108	* least @count bytes long.
		109	* @src: Source address, in user space.
		110	* @count: Maximum number of bytes to copy, including the trailing NUL.
		111	*
		112	* Copies a NUL-terminated string from userspace to kernel space.
		113	*
		114	* On success, returns the length of the string (not including the trailing
		115	* NUL).
		116	*
		117	* If access to userspace fails, returns -EFAULT (some data may have been
		118	* copied).
		119	*
		120	* If @count is smaller than the length of the string, copies @count bytes
		121	* and returns @count.
		122	*/
		123	long strncpy_from_user(char dst, const char __user src, long count)
		124	{
		125	unsigned long max_addr, src_addr;
		126
		127	if (unlikely(count <= 0))
		128	return 0;
		129
		130	max_addr = ~0UL;
		131	if (likely(segment_eq(get_fs(), USER_DS)))
		132	max_addr = STACK_TOP;
		133	src_addr = (unsigned long)src;
		134	if (likely(src_addr < max_addr)) {
		135	unsigned long max = max_addr - src_addr;
		136	return do_strncpy_from_user(dst, src, count, max);
		137	}
		138	return -EFAULT;
		139	}
		140	EXPORT_SYMBOL(strncpy_from_user);