tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge branch 'generic-string-functions'
This makes <asm/word-at-a-time.h> actually live up to its promise of
allowing architectures to help tune the string functions that do their
work a word at a time.
David had already taken the x86 strncpy_from_user() function, modified
it to work on sparc, and then done the extra work to make it generically
useful. This then expands on that work by making x86 use that generic
version, completing the circle.
But more importantly, it fixes up the word-at-a-time interfaces so that
it's now easy to also support things like strnlen_user(), and pretty
much most random string functions.
David reports that it all works fine on sparc, and Jonas Bonn reported
that an earlier version of this worked on OpenRISC too. It's pretty
easy for architectures to add support for this and just replace their
private versions with the generic code.
* generic-string-functions:
sparc: use the new generic strnlen_user() function
x86: use the new generic strnlen_user() function
lib: add generic strnlen_user() function
word-at-a-time: make the interfaces truly generic
x86: use generic strncpy_from_user routine
+258
-489
+1
arch/openrisc/include/asm/Kbuild
+1
arch/openrisc/include/asm/Kbuild
+1
arch/sparc/Kconfig
+1
arch/sparc/Kconfig
+1
arch/sparc/include/asm/Kbuild
+1
arch/sparc/include/asm/Kbuild
+4
-18
arch/sparc/include/asm/uaccess_32.h
+4
-18
arch/sparc/include/asm/uaccess_32.h
···
16
16
17
17
#ifndef __ASSEMBLY__
18
18
19
+
#include <asm/processor.h>
20
+
19
21
#define ARCH_HAS_SORT_EXTABLE
20
22
#define ARCH_HAS_SEARCH_EXTABLE
21
23
···
306
304
return n;
307
305
}
308
306
309
-
extern long __strlen_user(const char __user *);
310
-
extern long __strnlen_user(const char __user *, long len);
311
-
312
-
static inline long strlen_user(const char __user *str)
313
-
{
314
-
if (!access_ok(VERIFY_READ, str, 0))
315
-
return 0;
316
-
else
317
-
return __strlen_user(str);
318
-
}
319
-
320
-
static inline long strnlen_user(const char __user *str, long len)
321
-
{
322
-
if (!access_ok(VERIFY_READ, str, 0))
323
-
return 0;
324
-
else
325
-
return __strnlen_user(str, len);
326
-
}
307
+
extern __must_check long strlen_user(const char __user *str);
308
+
extern __must_check long strnlen_user(const char __user *str, long n);
327
309
328
310
#endif /* __ASSEMBLY__ */
329
311
+4
-4
arch/sparc/include/asm/uaccess_64.h
+4
-4
arch/sparc/include/asm/uaccess_64.h
···
17
17
18
18
#ifndef __ASSEMBLY__
19
19
20
+
#include <asm/processor.h>
21
+
20
22
/*
21
23
* Sparc64 is segmented, though more like the M68K than the I386.
22
24
* We use the secondary ASI to address user memory, which references a
···
259
257
260
258
#define clear_user __clear_user
261
259
262
-
extern long __strlen_user(const char __user *);
263
-
extern long __strnlen_user(const char __user *, long len);
260
+
extern __must_check long strlen_user(const char __user *str);
261
+
extern __must_check long strnlen_user(const char __user *str, long n);
264
262
265
-
#define strlen_user __strlen_user
266
-
#define strnlen_user __strnlen_user
267
263
#define __copy_to_user_inatomic ___copy_to_user
268
264
#define __copy_from_user_inatomic ___copy_from_user
269
265
-1
arch/sparc/lib/Makefile
-1
arch/sparc/lib/Makefile
···
10
10
lib-y += checksum_$(BITS).o
11
11
lib-$(CONFIG_SPARC32) += blockops.o
12
12
lib-y += memscan_$(BITS).o memcmp.o strncmp_$(BITS).o
13
-
lib-y += strlen_user_$(BITS).o
14
13
lib-$(CONFIG_SPARC32) += divdi3.o udivdi3.o
15
14
lib-$(CONFIG_SPARC32) += copy_user.o locks.o
16
15
lib-$(CONFIG_SPARC64) += atomic_64.o
-2
arch/sparc/lib/ksyms.c
-2
arch/sparc/lib/ksyms.c
-109
arch/sparc/lib/strlen_user_32.S
-109
arch/sparc/lib/strlen_user_32.S
···
1
-
/* strlen_user.S: Sparc optimized strlen_user code
2
-
*
3
-
* Return length of string in userspace including terminating 0
4
-
* or 0 for error
5
-
*
6
-
* Copyright (C) 1991,1996 Free Software Foundation
7
-
* Copyright (C) 1996 David S. Miller (davem@caip.rutgers.edu)
8
-
* Copyright (C) 1996 Jakub Jelinek (jj@sunsite.mff.cuni.cz)
9
-
*/
10
-
11
-
#define LO_MAGIC 0x01010101
12
-
#define HI_MAGIC 0x80808080
13
-
14
-
10:
15
-
ldub [%o0], %o5
16
-
cmp %o5, 0
17
-
be 1f
18
-
add %o0, 1, %o0
19
-
andcc %o0, 3, %g0
20
-
be 4f
21
-
or %o4, %lo(HI_MAGIC), %o3
22
-
11:
23
-
ldub [%o0], %o5
24
-
cmp %o5, 0
25
-
be 2f
26
-
add %o0, 1, %o0
27
-
andcc %o0, 3, %g0
28
-
be 5f
29
-
sethi %hi(LO_MAGIC), %o4
30
-
12:
31
-
ldub [%o0], %o5
32
-
cmp %o5, 0
33
-
be 3f
34
-
add %o0, 1, %o0
35
-
b 13f
36
-
or %o4, %lo(LO_MAGIC), %o2
37
-
1:
38
-
retl
39
-
mov 1, %o0
40
-
2:
41
-
retl
42
-
mov 2, %o0
43
-
3:
44
-
retl
45
-
mov 3, %o0
46
-
47
-
.align 4
48
-
.global __strlen_user, __strnlen_user
49
-
__strlen_user:
50
-
sethi %hi(32768), %o1
51
-
__strnlen_user:
52
-
mov %o1, %g1
53
-
mov %o0, %o1
54
-
andcc %o0, 3, %g0
55
-
bne 10b
56
-
sethi %hi(HI_MAGIC), %o4
57
-
or %o4, %lo(HI_MAGIC), %o3
58
-
4:
59
-
sethi %hi(LO_MAGIC), %o4
60
-
5:
61
-
or %o4, %lo(LO_MAGIC), %o2
62
-
13:
63
-
ld [%o0], %o5
64
-
2:
65
-
sub %o5, %o2, %o4
66
-
andcc %o4, %o3, %g0
67
-
bne 82f
68
-
add %o0, 4, %o0
69
-
sub %o0, %o1, %g2
70
-
81: cmp %g2, %g1
71
-
blu 13b
72
-
mov %o0, %o4
73
-
ba,a 1f
74
-
75
-
/* Check every byte. */
76
-
82: srl %o5, 24, %g5
77
-
andcc %g5, 0xff, %g0
78
-
be 1f
79
-
add %o0, -3, %o4
80
-
srl %o5, 16, %g5
81
-
andcc %g5, 0xff, %g0
82
-
be 1f
83
-
add %o4, 1, %o4
84
-
srl %o5, 8, %g5
85
-
andcc %g5, 0xff, %g0
86
-
be 1f
87
-
add %o4, 1, %o4
88
-
andcc %o5, 0xff, %g0
89
-
bne 81b
90
-
sub %o0, %o1, %g2
91
-
92
-
add %o4, 1, %o4
93
-
1:
94
-
retl
95
-
sub %o4, %o1, %o0
96
-
97
-
.section .fixup,#alloc,#execinstr
98
-
.align 4
99
-
9:
100
-
retl
101
-
clr %o0
102
-
103
-
.section __ex_table,#alloc
104
-
.align 4
105
-
106
-
.word 10b, 9b
107
-
.word 11b, 9b
108
-
.word 12b, 9b
109
-
.word 13b, 9b
-97
arch/sparc/lib/strlen_user_64.S
-97
arch/sparc/lib/strlen_user_64.S
···
1
-
/* strlen_user.S: Sparc64 optimized strlen_user code
2
-
*
3
-
* Return length of string in userspace including terminating 0
4
-
* or 0 for error
5
-
*
6
-
* Copyright (C) 1991,1996 Free Software Foundation
7
-
* Copyright (C) 1996,1999 David S. Miller (davem@redhat.com)
8
-
* Copyright (C) 1996,1997 Jakub Jelinek (jj@sunsite.mff.cuni.cz)
9
-
*/
10
-
11
-
#include <linux/linkage.h>
12
-
#include <asm/asi.h>
13
-
14
-
#define LO_MAGIC 0x01010101
15
-
#define HI_MAGIC 0x80808080
16
-
17
-
.align 4
18
-
ENTRY(__strlen_user)
19
-
sethi %hi(32768), %o1
20
-
ENTRY(__strnlen_user)
21
-
mov %o1, %g1
22
-
mov %o0, %o1
23
-
andcc %o0, 3, %g0
24
-
be,pt %icc, 9f
25
-
sethi %hi(HI_MAGIC), %o4
26
-
10: lduba [%o0] %asi, %o5
27
-
brz,pn %o5, 21f
28
-
add %o0, 1, %o0
29
-
andcc %o0, 3, %g0
30
-
be,pn %icc, 4f
31
-
or %o4, %lo(HI_MAGIC), %o3
32
-
11: lduba [%o0] %asi, %o5
33
-
brz,pn %o5, 22f
34
-
add %o0, 1, %o0
35
-
andcc %o0, 3, %g0
36
-
be,pt %icc, 13f
37
-
srl %o3, 7, %o2
38
-
12: lduba [%o0] %asi, %o5
39
-
brz,pn %o5, 23f
40
-
add %o0, 1, %o0
41
-
ba,pt %icc, 2f
42
-
15: lda [%o0] %asi, %o5
43
-
9: or %o4, %lo(HI_MAGIC), %o3
44
-
4: srl %o3, 7, %o2
45
-
13: lda [%o0] %asi, %o5
46
-
2: sub %o5, %o2, %o4
47
-
andcc %o4, %o3, %g0
48
-
bne,pn %icc, 82f
49
-
add %o0, 4, %o0
50
-
sub %o0, %o1, %g2
51
-
81: cmp %g2, %g1
52
-
blu,pt %icc, 13b
53
-
mov %o0, %o4
54
-
ba,a,pt %xcc, 1f
55
-
56
-
/* Check every byte. */
57
-
82: srl %o5, 24, %g7
58
-
andcc %g7, 0xff, %g0
59
-
be,pn %icc, 1f
60
-
add %o0, -3, %o4
61
-
srl %o5, 16, %g7
62
-
andcc %g7, 0xff, %g0
63
-
be,pn %icc, 1f
64
-
add %o4, 1, %o4
65
-
srl %o5, 8, %g7
66
-
andcc %g7, 0xff, %g0
67
-
be,pn %icc, 1f
68
-
add %o4, 1, %o4
69
-
andcc %o5, 0xff, %g0
70
-
bne,pt %icc, 81b
71
-
sub %o0, %o1, %g2
72
-
add %o4, 1, %o4
73
-
1: retl
74
-
sub %o4, %o1, %o0
75
-
21: retl
76
-
mov 1, %o0
77
-
22: retl
78
-
mov 2, %o0
79
-
23: retl
80
-
mov 3, %o0
81
-
ENDPROC(__strlen_user)
82
-
ENDPROC(__strnlen_user)
83
-
84
-
.section .fixup,#alloc,#execinstr
85
-
.align 4
86
-
30:
87
-
retl
88
-
clr %o0
89
-
90
-
.section __ex_table,"a"
91
-
.align 4
92
-
93
-
.word 10b, 30b
94
-
.word 11b, 30b
95
-
.word 12b, 30b
96
-
.word 15b, 30b
97
-
.word 13b, 30b
+2
arch/x86/Kconfig
+2
arch/x86/Kconfig
···
93
93
select GENERIC_CLOCKEVENTS_BROADCAST if X86_64 || (X86_32 && X86_LOCAL_APIC)
94
94
select GENERIC_TIME_VSYSCALL if X86_64
95
95
select KTIME_SCALAR if X86_32
96
+
select GENERIC_STRNCPY_FROM_USER
97
+
select GENERIC_STRNLEN_USER
96
98
97
99
config INSTRUCTION_DECODER
98
100
def_bool (KPROBES || PERF_EVENTS || UPROBES)
+4
arch/x86/include/asm/uaccess.h
+4
arch/x86/include/asm/uaccess.h
···
32
32
33
33
#define segment_eq(a, b) ((a).seg == (b).seg)
34
34
35
+
#define user_addr_max() (current_thread_info()->addr_limit.seg)
35
36
#define __addr_ok(addr) \
36
37
((unsigned long __force)(addr) < \
37
38
(current_thread_info()->addr_limit.seg))
···
565
564
copy_from_user_nmi(void *to, const void __user *from, unsigned long n);
566
565
extern __must_check long
567
566
strncpy_from_user(char *dst, const char __user *src, long count);
567
+
568
+
extern __must_check long strlen_user(const char __user *str);
569
+
extern __must_check long strnlen_user(const char __user *str, long n);
568
570
569
571
/*
570
572
* movsl can be slow when source and dest are not both 8-byte aligned
-17
arch/x86/include/asm/uaccess_32.h
-17
arch/x86/include/asm/uaccess_32.h
···
213
213
return n;
214
214
}
215
215
216
-
/**
217
-
* strlen_user: - Get the size of a string in user space.
218
-
* @str: The string to measure.
219
-
*
220
-
* Context: User context only. This function may sleep.
221
-
*
222
-
* Get the size of a NUL-terminated string in user space.
223
-
*
224
-
* Returns the size of the string INCLUDING the terminating NUL.
225
-
* On exception, returns 0.
226
-
*
227
-
* If there is a limit on the length of a valid string, you may wish to
228
-
* consider using strnlen_user() instead.
229
-
*/
230
-
#define strlen_user(str) strnlen_user(str, LONG_MAX)
231
-
232
-
long strnlen_user(const char __user *str, long n);
233
216
unsigned long __must_check clear_user(void __user *mem, unsigned long len);
234
217
unsigned long __must_check __clear_user(void __user *mem, unsigned long len);
235
218
-3
arch/x86/include/asm/uaccess_64.h
-3
arch/x86/include/asm/uaccess_64.h
···
208
208
}
209
209
}
210
210
211
-
__must_check long strnlen_user(const char __user *str, long n);
212
-
__must_check long __strnlen_user(const char __user *str, long n);
213
-
__must_check long strlen_user(const char __user *str);
214
211
__must_check unsigned long clear_user(void __user *mem, unsigned long len);
215
212
__must_check unsigned long __clear_user(void __user *mem, unsigned long len);
216
213
+29
-3
arch/x86/include/asm/word-at-a-time.h
+29
-3
arch/x86/include/asm/word-at-a-time.h
···
10
10
* bit count instruction, that might be better than the multiply
11
11
* and shift, for example.
12
12
*/
13
+
struct word_at_a_time {
14
+
const unsigned long one_bits, high_bits;
15
+
};
16
+
17
+
#define WORD_AT_A_TIME_CONSTANTS { REPEAT_BYTE(0x01), REPEAT_BYTE(0x80) }
13
18
14
19
#ifdef CONFIG_64BIT
15
20
···
42
37
43
38
#endif
44
39
45
-
/* Return the high bit set in the first byte that is a zero */
46
-
static inline unsigned long has_zero(unsigned long a)
40
+
/* Return nonzero if it has a zero */
41
+
static inline unsigned long has_zero(unsigned long a, unsigned long *bits, const struct word_at_a_time *c)
47
42
{
48
-
return ((a - REPEAT_BYTE(0x01)) & ~a) & REPEAT_BYTE(0x80);
43
+
unsigned long mask = ((a - c->one_bits) & ~a) & c->high_bits;
44
+
*bits = mask;
45
+
return mask;
46
+
}
47
+
48
+
static inline unsigned long prep_zero_mask(unsigned long a, unsigned long bits, const struct word_at_a_time *c)
49
+
{
50
+
return bits;
51
+
}
52
+
53
+
static inline unsigned long create_zero_mask(unsigned long bits)
54
+
{
55
+
bits = (bits - 1) & ~bits;
56
+
return bits >> 7;
57
+
}
58
+
59
+
/* The mask we created is directly usable as a bytemask */
60
+
#define zero_bytemask(mask) (mask)
61
+
62
+
static inline unsigned long find_zero(unsigned long mask)
63
+
{
64
+
return count_masked_bytes(mask);
49
65
}
50
66
51
67
/*
-97
arch/x86/lib/usercopy.c
-97
arch/x86/lib/usercopy.c
···
43
43
return len;
44
44
}
45
45
EXPORT_SYMBOL_GPL(copy_from_user_nmi);
46
-
47
-
/*
48
-
* Do a strncpy, return length of string without final '\0'.
49
-
* 'count' is the user-supplied count (return 'count' if we
50
-
* hit it), 'max' is the address space maximum (and we return
51
-
* -EFAULT if we hit it).
52
-
*/
53
-
static inline long do_strncpy_from_user(char *dst, const char __user *src, long count, unsigned long max)
54
-
{
55
-
long res = 0;
56
-
57
-
/*
58
-
* Truncate 'max' to the user-specified limit, so that
59
-
* we only have one limit we need to check in the loop
60
-
*/
61
-
if (max > count)
62
-
max = count;
63
-
64
-
while (max >= sizeof(unsigned long)) {
65
-
unsigned long c, mask;
66
-
67
-
/* Fall back to byte-at-a-time if we get a page fault */
68
-
if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
69
-
break;
70
-
mask = has_zero(c);
71
-
if (mask) {
72
-
mask = (mask - 1) & ~mask;
73
-
mask >>= 7;
74
-
*(unsigned long *)(dst+res) = c & mask;
75
-
return res + count_masked_bytes(mask);
76
-
}
77
-
*(unsigned long *)(dst+res) = c;
78
-
res += sizeof(unsigned long);
79
-
max -= sizeof(unsigned long);
80
-
}
81
-
82
-
while (max) {
83
-
char c;
84
-
85
-
if (unlikely(__get_user(c,src+res)))
86
-
return -EFAULT;
87
-
dst[res] = c;
88
-
if (!c)
89
-
return res;
90
-
res++;
91
-
max--;
92
-
}
93
-
94
-
/*
95
-
* Uhhuh. We hit 'max'. But was that the user-specified maximum
96
-
* too? If so, that's ok - we got as much as the user asked for.
97
-
*/
98
-
if (res >= count)
99
-
return res;
100
-
101
-
/*
102
-
* Nope: we hit the address space limit, and we still had more
103
-
* characters the caller would have wanted. That's an EFAULT.
104
-
*/
105
-
return -EFAULT;
106
-
}
107
-
108
-
/**
109
-
* strncpy_from_user: - Copy a NUL terminated string from userspace.
110
-
* @dst: Destination address, in kernel space. This buffer must be at
111
-
* least @count bytes long.
112
-
* @src: Source address, in user space.
113
-
* @count: Maximum number of bytes to copy, including the trailing NUL.
114
-
*
115
-
* Copies a NUL-terminated string from userspace to kernel space.
116
-
*
117
-
* On success, returns the length of the string (not including the trailing
118
-
* NUL).
119
-
*
120
-
* If access to userspace fails, returns -EFAULT (some data may have been
121
-
* copied).
122
-
*
123
-
* If @count is smaller than the length of the string, copies @count bytes
124
-
* and returns @count.
125
-
*/
126
-
long
127
-
strncpy_from_user(char *dst, const char __user *src, long count)
128
-
{
129
-
unsigned long max_addr, src_addr;
130
-
131
-
if (unlikely(count <= 0))
132
-
return 0;
133
-
134
-
max_addr = current_thread_info()->addr_limit.seg;
135
-
src_addr = (unsigned long)src;
136
-
if (likely(src_addr < max_addr)) {
137
-
unsigned long max = max_addr - src_addr;
138
-
return do_strncpy_from_user(dst, src, count, max);
139
-
}
140
-
return -EFAULT;
141
-
}
142
-
EXPORT_SYMBOL(strncpy_from_user);
-41
arch/x86/lib/usercopy_32.c
-41
arch/x86/lib/usercopy_32.c
···
95
95
}
96
96
EXPORT_SYMBOL(__clear_user);
97
97
98
-
/**
99
-
* strnlen_user: - Get the size of a string in user space.
100
-
* @s: The string to measure.
101
-
* @n: The maximum valid length
102
-
*
103
-
* Get the size of a NUL-terminated string in user space.
104
-
*
105
-
* Returns the size of the string INCLUDING the terminating NUL.
106
-
* On exception, returns 0.
107
-
* If the string is too long, returns a value greater than @n.
108
-
*/
109
-
long strnlen_user(const char __user *s, long n)
110
-
{
111
-
unsigned long mask = -__addr_ok(s);
112
-
unsigned long res, tmp;
113
-
114
-
might_fault();
115
-
116
-
__asm__ __volatile__(
117
-
" testl %0, %0\n"
118
-
" jz 3f\n"
119
-
" andl %0,%%ecx\n"
120
-
"0: repne; scasb\n"
121
-
" setne %%al\n"
122
-
" subl %%ecx,%0\n"
123
-
" addl %0,%%eax\n"
124
-
"1:\n"
125
-
".section .fixup,\"ax\"\n"
126
-
"2: xorl %%eax,%%eax\n"
127
-
" jmp 1b\n"
128
-
"3: movb $1,%%al\n"
129
-
" jmp 1b\n"
130
-
".previous\n"
131
-
_ASM_EXTABLE(0b,2b)
132
-
:"=&r" (n), "=&D" (s), "=&a" (res), "=&c" (tmp)
133
-
:"0" (n), "1" (s), "2" (0), "3" (mask)
134
-
:"cc");
135
-
return res & mask;
136
-
}
137
-
EXPORT_SYMBOL(strnlen_user);
138
-
139
98
#ifdef CONFIG_X86_INTEL_USERCOPY
140
99
static unsigned long
141
100
__copy_user_intel(void __user *to, const void *from, unsigned long size)
-48
arch/x86/lib/usercopy_64.c
-48
arch/x86/lib/usercopy_64.c
···
52
52
}
53
53
EXPORT_SYMBOL(clear_user);
54
54
55
-
/*
56
-
* Return the size of a string (including the ending 0)
57
-
*
58
-
* Return 0 on exception, a value greater than N if too long
59
-
*/
60
-
61
-
long __strnlen_user(const char __user *s, long n)
62
-
{
63
-
long res = 0;
64
-
char c;
65
-
66
-
while (1) {
67
-
if (res>n)
68
-
return n+1;
69
-
if (__get_user(c, s))
70
-
return 0;
71
-
if (!c)
72
-
return res+1;
73
-
res++;
74
-
s++;
75
-
}
76
-
}
77
-
EXPORT_SYMBOL(__strnlen_user);
78
-
79
-
long strnlen_user(const char __user *s, long n)
80
-
{
81
-
if (!access_ok(VERIFY_READ, s, 1))
82
-
return 0;
83
-
return __strnlen_user(s, n);
84
-
}
85
-
EXPORT_SYMBOL(strnlen_user);
86
-
87
-
long strlen_user(const char __user *s)
88
-
{
89
-
long res = 0;
90
-
char c;
91
-
92
-
for (;;) {
93
-
if (get_user(c, s))
94
-
return 0;
95
-
if (!c)
96
-
return res+1;
97
-
res++;
98
-
s++;
99
-
}
100
-
}
101
-
EXPORT_SYMBOL(strlen_user);
102
-
103
55
unsigned long copy_in_user(void __user *to, const void __user *from, unsigned len)
104
56
{
105
57
if (access_ok(VERIFY_WRITE, to, len) && access_ok(VERIFY_READ, from, len)) {
+11
-9
fs/namei.c
+11
-9
fs/namei.c
···
1452
1452
*/
1453
1453
static inline unsigned long hash_name(const char *name, unsigned int *hashp)
1454
1454
{
1455
-
unsigned long a, mask, hash, len;
1455
+
unsigned long a, b, adata, bdata, mask, hash, len;
1456
+
const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
1456
1457
1457
1458
hash = a = 0;
1458
1459
len = -sizeof(unsigned long);
···
1461
1460
hash = (hash + a) * 9;
1462
1461
len += sizeof(unsigned long);
1463
1462
a = load_unaligned_zeropad(name+len);
1464
-
/* Do we have any NUL or '/' bytes in this word? */
1465
-
mask = has_zero(a) | has_zero(a ^ REPEAT_BYTE('/'));
1466
-
} while (!mask);
1463
+
b = a ^ REPEAT_BYTE('/');
1464
+
} while (!(has_zero(a, &adata, &constants) | has_zero(b, &bdata, &constants)));
1467
1465
1468
-
/* The mask *below* the first high bit set */
1469
-
mask = (mask - 1) & ~mask;
1470
-
mask >>= 7;
1471
-
hash += a & mask;
1466
+
adata = prep_zero_mask(a, adata, &constants);
1467
+
bdata = prep_zero_mask(b, bdata, &constants);
1468
+
1469
+
mask = create_zero_mask(adata | bdata);
1470
+
1471
+
hash += a & zero_bytemask(mask);
1472
1472
*hashp = fold_hash(hash);
1473
1473
1474
-
return len + count_masked_bytes(mask);
1474
+
return len + find_zero(mask);
1475
1475
}
1476
1476
1477
1477
#else
+52
include/asm-generic/word-at-a-time.h
+52
include/asm-generic/word-at-a-time.h
···
1
+
#ifndef _ASM_WORD_AT_A_TIME_H
2
+
#define _ASM_WORD_AT_A_TIME_H
3
+
4
+
/*
5
+
* This says "generic", but it's actually big-endian only.
6
+
* Little-endian can use more efficient versions of these
7
+
* interfaces, see for example
8
+
* arch/x86/include/asm/word-at-a-time.h
9
+
* for those.
10
+
*/
11
+
12
+
#include <linux/kernel.h>
13
+
14
+
struct word_at_a_time {
15
+
const unsigned long high_bits, low_bits;
16
+
};
17
+
18
+
#define WORD_AT_A_TIME_CONSTANTS { REPEAT_BYTE(0xfe) + 1, REPEAT_BYTE(0x7f) }
19
+
20
+
/* Bit set in the bytes that have a zero */
21
+
static inline long prep_zero_mask(unsigned long val, unsigned long rhs, const struct word_at_a_time *c)
22
+
{
23
+
unsigned long mask = (val & c->low_bits) + c->low_bits;
24
+
return ~(mask | rhs);
25
+
}
26
+
27
+
#define create_zero_mask(mask) (mask)
28
+
29
+
static inline long find_zero(unsigned long mask)
30
+
{
31
+
long byte = 0;
32
+
#ifdef CONFIG_64BIT
33
+
if (mask >> 32)
34
+
mask >>= 32;
35
+
else
36
+
byte = 4;
37
+
#endif
38
+
if (mask >> 16)
39
+
mask >>= 16;
40
+
else
41
+
byte += 2;
42
+
return (mask >> 8) ? byte : byte + 1;
43
+
}
44
+
45
+
static inline bool has_zero(unsigned long val, unsigned long *data, const struct word_at_a_time *c)
46
+
{
47
+
unsigned long rhs = val | c->low_bits;
48
+
*data = rhs;
49
+
return (val + c->high_bits) & ~rhs;
50
+
}
51
+
52
+
#endif /* _ASM_WORD_AT_A_TIME_H */
+3
lib/Kconfig
+3
lib/Kconfig
+1
lib/Makefile
+1
lib/Makefile
+7
-40
lib/strncpy_from_user.c
+7
-40
lib/strncpy_from_user.c
···
4
4
#include <linux/errno.h>
5
5
6
6
#include <asm/byteorder.h>
7
-
8
-
static inline long find_zero(unsigned long mask)
9
-
{
10
-
long byte = 0;
11
-
12
-
#ifdef __BIG_ENDIAN
13
-
#ifdef CONFIG_64BIT
14
-
if (mask >> 32)
15
-
mask >>= 32;
16
-
else
17
-
byte = 4;
18
-
#endif
19
-
if (mask >> 16)
20
-
mask >>= 16;
21
-
else
22
-
byte += 2;
23
-
return (mask >> 8) ? byte : byte + 1;
24
-
#else
25
-
#ifdef CONFIG_64BIT
26
-
if (!((unsigned int) mask)) {
27
-
mask >>= 32;
28
-
byte = 4;
29
-
}
30
-
#endif
31
-
if (!(mask & 0xffff)) {
32
-
mask >>= 16;
33
-
byte += 2;
34
-
}
35
-
return (mask & 0xff) ? byte : byte + 1;
36
-
#endif
37
-
}
7
+
#include <asm/word-at-a-time.h>
38
8
39
9
#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
40
10
#define IS_UNALIGNED(src, dst) 0
···
21
51
*/
22
52
static inline long do_strncpy_from_user(char *dst, const char __user *src, long count, unsigned long max)
23
53
{
24
-
const unsigned long high_bits = REPEAT_BYTE(0xfe) + 1;
25
-
const unsigned long low_bits = REPEAT_BYTE(0x7f);
54
+
const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
26
55
long res = 0;
27
56
28
57
/*
···
35
66
goto byte_at_a_time;
36
67
37
68
while (max >= sizeof(unsigned long)) {
38
-
unsigned long c, v, rhs;
69
+
unsigned long c, data;
39
70
40
71
/* Fall back to byte-at-a-time if we get a page fault */
41
72
if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
42
73
break;
43
-
rhs = c | low_bits;
44
-
v = (c + high_bits) & ~rhs;
45
74
*(unsigned long *)(dst+res) = c;
46
-
if (v) {
47
-
v = (c & low_bits) + low_bits;
48
-
v = ~(v | rhs);
49
-
return res + find_zero(v);
75
+
if (has_zero(c, &data, &constants)) {
76
+
data = prep_zero_mask(c, data, &constants);
77
+
data = create_zero_mask(data);
78
+
return res + find_zero(data);
50
79
}
51
80
res += sizeof(unsigned long);
52
81
max -= sizeof(unsigned long);
+138
lib/strnlen_user.c
+138
lib/strnlen_user.c
···
1
+
#include <linux/kernel.h>
2
+
#include <linux/export.h>
3
+
#include <linux/uaccess.h>
4
+
5
+
#include <asm/word-at-a-time.h>
6
+
7
+
/* Set bits in the first 'n' bytes when loaded from memory */
8
+
#ifdef __LITTLE_ENDIAN
9
+
# define aligned_byte_mask(n) ((1ul << 8*(n))-1)
10
+
#else
11
+
# define aligned_byte_mask(n) (~0xfful << 8*(7-(n)))
12
+
#endif
13
+
14
+
/*
15
+
* Do a strnlen, return length of string *with* final '\0'.
16
+
* 'count' is the user-supplied count, while 'max' is the
17
+
* address space maximum.
18
+
*
19
+
* Return 0 for exceptions (which includes hitting the address
20
+
* space maximum), or 'count+1' if hitting the user-supplied
21
+
* maximum count.
22
+
*
23
+
* NOTE! We can sometimes overshoot the user-supplied maximum
24
+
* if it fits in a aligned 'long'. The caller needs to check
25
+
* the return value against "> max".
26
+
*/
27
+
static inline long do_strnlen_user(const char __user *src, unsigned long count, unsigned long max)
28
+
{
29
+
const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
30
+
long align, res = 0;
31
+
unsigned long c;
32
+
33
+
/*
34
+
* Truncate 'max' to the user-specified limit, so that
35
+
* we only have one limit we need to check in the loop
36
+
*/
37
+
if (max > count)
38
+
max = count;
39
+
40
+
/*
41
+
* Do everything aligned. But that means that we
42
+
* need to also expand the maximum..
43
+
*/
44
+
align = (sizeof(long) - 1) & (unsigned long)src;
45
+
src -= align;
46
+
max += align;
47
+
48
+
if (unlikely(__get_user(c,(unsigned long __user *)src)))
49
+
return 0;
50
+
c |= aligned_byte_mask(align);
51
+
52
+
for (;;) {
53
+
unsigned long data;
54
+
if (has_zero(c, &data, &constants)) {
55
+
data = prep_zero_mask(c, data, &constants);
56
+
data = create_zero_mask(data);
57
+
return res + find_zero(data) + 1 - align;
58
+
}
59
+
res += sizeof(unsigned long);
60
+
if (unlikely(max < sizeof(unsigned long)))
61
+
break;
62
+
max -= sizeof(unsigned long);
63
+
if (unlikely(__get_user(c,(unsigned long __user *)(src+res))))
64
+
return 0;
65
+
}
66
+
res -= align;
67
+
68
+
/*
69
+
* Uhhuh. We hit 'max'. But was that the user-specified maximum
70
+
* too? If so, return the marker for "too long".
71
+
*/
72
+
if (res >= count)
73
+
return count+1;
74
+
75
+
/*
76
+
* Nope: we hit the address space limit, and we still had more
77
+
* characters the caller would have wanted. That's 0.
78
+
*/
79
+
return 0;
80
+
}
81
+
82
+
/**
83
+
* strnlen_user: - Get the size of a user string INCLUDING final NUL.
84
+
* @str: The string to measure.
85
+
* @count: Maximum count (including NUL character)
86
+
*
87
+
* Context: User context only. This function may sleep.
88
+
*
89
+
* Get the size of a NUL-terminated string in user space.
90
+
*
91
+
* Returns the size of the string INCLUDING the terminating NUL.
92
+
* If the string is too long, returns 'count+1'.
93
+
* On exception (or invalid count), returns 0.
94
+
*/
95
+
long strnlen_user(const char __user *str, long count)
96
+
{
97
+
unsigned long max_addr, src_addr;
98
+
99
+
if (unlikely(count <= 0))
100
+
return 0;
101
+
102
+
max_addr = user_addr_max();
103
+
src_addr = (unsigned long)str;
104
+
if (likely(src_addr < max_addr)) {
105
+
unsigned long max = max_addr - src_addr;
106
+
return do_strnlen_user(str, count, max);
107
+
}
108
+
return 0;
109
+
}
110
+
EXPORT_SYMBOL(strnlen_user);
111
+
112
+
/**
113
+
* strlen_user: - Get the size of a user string INCLUDING final NUL.
114
+
* @str: The string to measure.
115
+
*
116
+
* Context: User context only. This function may sleep.
117
+
*
118
+
* Get the size of a NUL-terminated string in user space.
119
+
*
120
+
* Returns the size of the string INCLUDING the terminating NUL.
121
+
* On exception, returns 0.
122
+
*
123
+
* If there is a limit on the length of a valid string, you may wish to
124
+
* consider using strnlen_user() instead.
125
+
*/
126
+
long strlen_user(const char __user *str)
127
+
{
128
+
unsigned long max_addr, src_addr;
129
+
130
+
max_addr = user_addr_max();
131
+
src_addr = (unsigned long)str;
132
+
if (likely(src_addr < max_addr)) {
133
+
unsigned long max = max_addr - src_addr;
134
+
return do_strnlen_user(str, ~0ul, max);
135
+
}
136
+
return 0;
137
+
}
138
+
EXPORT_SYMBOL(strlen_user);