Home Explore Help
Sign In
phreedom2600net
/
linux-libre
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0d5005ec5c
Branches Tags
linux-libre
/
lib
/
strnlen_user.c

strnlen_user.c 4.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 
  1. #include <linux/kernel.h>
    2. 

  2. #include <linux/export.h>
    3. 

  3. #include <linux/uaccess.h>
    4. 

  4. 

  5. #include <asm/word-at-a-time.h>
    6. 

  6. 

  7. /* Set bits in the first 'n' bytes when loaded from memory */
    8. 

  8. #ifdef __LITTLE_ENDIAN
    9. 

  9. #  define aligned_byte_mask(n) ((1ul << 8*(n))-1)
    10. 

  10. #else
    11. 

  11. #  define aligned_byte_mask(n) (~0xfful << (BITS_PER_LONG - 8 - 8*(n)))
    12. 

  12. #endif
    13. 

  13. 

  14. /*
    15. 

  15.  * Do a strnlen, return length of string *with* final '\0'.
    16. 

  16.  * 'count' is the user-supplied count, while 'max' is the
    17. 

  17.  * address space maximum.
    18. 

  18.  *
    19. 

  19.  * Return 0 for exceptions (which includes hitting the address
    20. 

  20.  * space maximum), or 'count+1' if hitting the user-supplied
    21. 

  21.  * maximum count.
    22. 

  22.  *
    23. 

  23.  * NOTE! We can sometimes overshoot the user-supplied maximum
    24. 

  24.  * if it fits in a aligned 'long'. The caller needs to check
    25. 

  25.  * the return value against "> max".
    26. 

  26.  */
    27. 

  27. static inline long do_strnlen_user(const char __user *src, unsigned long count, unsigned long max)
    28. 

  28. {
    29. 

  29. 	const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
    30. 

  30. 	long align, res = 0;
    31. 

  31. 	unsigned long c;
    32. 

  32. 

  33. 	/*
    34. 

  34. 	 * Truncate 'max' to the user-specified limit, so that
    35. 

  35. 	 * we only have one limit we need to check in the loop
    36. 

  36. 	 */
    37. 

  37. 	if (max > count)
    38. 

  38. 		max = count;
    39. 

  39. 

  40. 	/*
    41. 

  41. 	 * Do everything aligned. But that means that we
    42. 

  42. 	 * need to also expand the maximum..
    43. 

  43. 	 */
    44. 

  44. 	align = (sizeof(long) - 1) & (unsigned long)src;
    45. 

  45. 	src -= align;
    46. 

  46. 	max += align;
    47. 

  47. 

  48. 	unsafe_get_user(c, (unsigned long __user *)src, efault);
    49. 

  49. 	c |= aligned_byte_mask(align);
    50. 

  50. 

  51. 	for (;;) {
    52. 

  52. 		unsigned long data;
    53. 

  53. 		if (has_zero(c, &data, &constants)) {
    54. 

  54. 			data = prep_zero_mask(c, data, &constants);
    55. 

  55. 			data = create_zero_mask(data);
    56. 

  56. 			return res + find_zero(data) + 1 - align;
    57. 

  57. 		}
    58. 

  58. 		res += sizeof(unsigned long);
    59. 

  59. 		/* We already handled 'unsigned long' bytes. Did we do it all ? */
    60. 

  60. 		if (unlikely(max <= sizeof(unsigned long)))
    61. 

  61. 			break;
    62. 

  62. 		max -= sizeof(unsigned long);
    63. 

  63. 		unsafe_get_user(c, (unsigned long __user *)(src+res), efault);
    64. 

  64. 	}
    65. 

  65. 	res -= align;
    66. 

  66. 

  67. 	/*
    68. 

  68. 	 * Uhhuh. We hit 'max'. But was that the user-specified maximum
    69. 

  69. 	 * too? If so, return the marker for "too long".
    70. 

  70. 	 */
    71. 

  71. 	if (res >= count)
    72. 

  72. 		return count+1;
    73. 

  73. 

  74. 	/*
    75. 

  75. 	 * Nope: we hit the address space limit, and we still had more
    76. 

  76. 	 * characters the caller would have wanted. That's 0.
    77. 

  77. 	 */
    78. 

  78. efault:
    79. 

  79. 	return 0;
    80. 

  80. }
    81. 

  81. 

  82. /**
    83. 

  83.  * strnlen_user: - Get the size of a user string INCLUDING final NUL.
    84. 

  84.  * @str: The string to measure.
    85. 

  85.  * @count: Maximum count (including NUL character)
    86. 

  86.  *
    87. 

  87.  * Context: User context only. This function may sleep if pagefaults are
    88. 

  88.  *          enabled.
    89. 

  89.  *
    90. 

  90.  * Get the size of a NUL-terminated string in user space.
    91. 

  91.  *
    92. 

  92.  * Returns the size of the string INCLUDING the terminating NUL.
    93. 

  93.  * If the string is too long, returns a number larger than @count. User
    94. 

  94.  * has to check the return value against "> count".
    95. 

  95.  * On exception (or invalid count), returns 0.
    96. 

  96.  *
    97. 

  97.  * NOTE! You should basically never use this function. There is
    98. 

  98.  * almost never any valid case for using the length of a user space
    99. 

  99.  * string, since the string can be changed at any time by other
    100. 

  100.  * threads. Use "strncpy_from_user()" instead to get a stable copy
    101. 

  101.  * of the string.
    102. 

  102.  */
    103. 

  103. long strnlen_user(const char __user *str, long count)
    104. 

  104. {
    105. 

  105. 	unsigned long max_addr, src_addr;
    106. 

  106. 

  107. 	if (unlikely(count <= 0))
    108. 

  108. 		return 0;
    109. 

  109. 

  110. 	max_addr = user_addr_max();
    111. 

  111. 	src_addr = (unsigned long)str;
    112. 

  112. 	if (likely(src_addr < max_addr)) {
    113. 

  113. 		unsigned long max = max_addr - src_addr;
    114. 

  114. 		long retval;
    115. 

  115. 

  116. 		user_access_begin();
    117. 

  117. 		retval = do_strnlen_user(str, count, max);
    118. 

  118. 		user_access_end();
    119. 

  119. 		return retval;
    120. 

  120. 	}
    121. 

  121. 	return 0;
    122. 

  122. }
    123. 

  123. EXPORT_SYMBOL(strnlen_user);
    124. 

  124. 

  125. /**
    126. 

  126.  * strlen_user: - Get the size of a user string INCLUDING final NUL.
    127. 

  127.  * @str: The string to measure.
    128. 

  128.  *
    129. 

  129.  * Context: User context only. This function may sleep if pagefaults are
    130. 

  130.  *          enabled.
    131. 

  131.  *
    132. 

  132.  * Get the size of a NUL-terminated string in user space.
    133. 

  133.  *
    134. 

  134.  * Returns the size of the string INCLUDING the terminating NUL.
    135. 

  135.  * On exception, returns 0.
    136. 

  136.  *
    137. 

  137.  * If there is a limit on the length of a valid string, you may wish to
    138. 

  138.  * consider using strnlen_user() instead.
    139. 

  139.  */
    140. 

  140. long strlen_user(const char __user *str)
    141. 

  141. {
    142. 

  142. 	unsigned long max_addr, src_addr;
    143. 

  143. 

  144. 	max_addr = user_addr_max();
    145. 

  145. 	src_addr = (unsigned long)str;
    146. 

  146. 	if (likely(src_addr < max_addr)) {
    147. 

  147. 		unsigned long max = max_addr - src_addr;
    148. 

  148. 		long retval;
    149. 

  149. 

  150. 		user_access_begin();
    151. 

  151. 		retval = do_strnlen_user(str, ~0ul, max);
    152. 

  152. 		user_access_end();
    153. 

  153. 		return retval;
    154. 

  154. 	}
    155. 

  155. 	return 0;
    156. 

  156. }
    157. 

  157. EXPORT_SYMBOL(strlen_user);
    158. 

  158.