1ba423fdaSChristoph Hellwig /* SPDX-License-Identifier: GPL-2.0-only */
2ba423fdaSChristoph Hellwig /*
3ba423fdaSChristoph Hellwig * Copyright (c) 2020 Christoph Hellwig.
4ba423fdaSChristoph Hellwig *
5ba423fdaSChristoph Hellwig * Support for "universal" pointers that can point to either kernel or userspace
6ba423fdaSChristoph Hellwig * memory.
7ba423fdaSChristoph Hellwig */
8ba423fdaSChristoph Hellwig #ifndef _LINUX_SOCKPTR_H
9ba423fdaSChristoph Hellwig #define _LINUX_SOCKPTR_H
10ba423fdaSChristoph Hellwig
11ba423fdaSChristoph Hellwig #include <linux/slab.h>
12ba423fdaSChristoph Hellwig #include <linux/uaccess.h>
13ba423fdaSChristoph Hellwig
14ba423fdaSChristoph Hellwig typedef struct {
15ba423fdaSChristoph Hellwig union {
16ba423fdaSChristoph Hellwig void *kernel;
17ba423fdaSChristoph Hellwig void __user *user;
18ba423fdaSChristoph Hellwig };
19ba423fdaSChristoph Hellwig bool is_kernel : 1;
20ba423fdaSChristoph Hellwig } sockptr_t;
21ba423fdaSChristoph Hellwig
sockptr_is_kernel(sockptr_t sockptr)22ba423fdaSChristoph Hellwig static inline bool sockptr_is_kernel(sockptr_t sockptr)
23ba423fdaSChristoph Hellwig {
24ba423fdaSChristoph Hellwig return sockptr.is_kernel;
25ba423fdaSChristoph Hellwig }
26ba423fdaSChristoph Hellwig
KERNEL_SOCKPTR(void * p)27ba423fdaSChristoph Hellwig static inline sockptr_t KERNEL_SOCKPTR(void *p)
28ba423fdaSChristoph Hellwig {
29ba423fdaSChristoph Hellwig return (sockptr_t) { .kernel = p, .is_kernel = true };
30ba423fdaSChristoph Hellwig }
31ba423fdaSChristoph Hellwig
USER_SOCKPTR(void __user * p)32519a8a6cSChristoph Hellwig static inline sockptr_t USER_SOCKPTR(void __user *p)
33ba423fdaSChristoph Hellwig {
34519a8a6cSChristoph Hellwig return (sockptr_t) { .user = p };
35ba423fdaSChristoph Hellwig }
36ba423fdaSChristoph Hellwig
sockptr_is_null(sockptr_t sockptr)37ba423fdaSChristoph Hellwig static inline bool sockptr_is_null(sockptr_t sockptr)
38ba423fdaSChristoph Hellwig {
39035bfd05SChristoph Hellwig if (sockptr_is_kernel(sockptr))
40035bfd05SChristoph Hellwig return !sockptr.kernel;
41035bfd05SChristoph Hellwig return !sockptr.user;
42ba423fdaSChristoph Hellwig }
43ba423fdaSChristoph Hellwig
copy_from_sockptr_offset(void * dst,sockptr_t src,size_t offset,size_t size)44d3c48151SChristoph Hellwig static inline int copy_from_sockptr_offset(void *dst, sockptr_t src,
45d3c48151SChristoph Hellwig size_t offset, size_t size)
46ba423fdaSChristoph Hellwig {
47ba423fdaSChristoph Hellwig if (!sockptr_is_kernel(src))
48d3c48151SChristoph Hellwig return copy_from_user(dst, src.user + offset, size);
49d3c48151SChristoph Hellwig memcpy(dst, src.kernel + offset, size);
50ba423fdaSChristoph Hellwig return 0;
51ba423fdaSChristoph Hellwig }
52ba423fdaSChristoph Hellwig
536309863bSEric Dumazet /* Deprecated.
546309863bSEric Dumazet * This is unsafe, unless caller checked user provided optlen.
556309863bSEric Dumazet * Prefer copy_safe_from_sockptr() instead.
56*49b2b973SMichal Luczaj *
57*49b2b973SMichal Luczaj * Returns 0 for success, or number of bytes not copied on error.
586309863bSEric Dumazet */
copy_from_sockptr(void * dst,sockptr_t src,size_t size)59d3c48151SChristoph Hellwig static inline int copy_from_sockptr(void *dst, sockptr_t src, size_t size)
60d3c48151SChristoph Hellwig {
61d3c48151SChristoph Hellwig return copy_from_sockptr_offset(dst, src, 0, size);
62d3c48151SChristoph Hellwig }
63d3c48151SChristoph Hellwig
646309863bSEric Dumazet /**
656309863bSEric Dumazet * copy_safe_from_sockptr: copy a struct from sockptr
666309863bSEric Dumazet * @dst: Destination address, in kernel space. This buffer must be @ksize
676309863bSEric Dumazet * bytes long.
686309863bSEric Dumazet * @ksize: Size of @dst struct.
696309863bSEric Dumazet * @optval: Source address. (in user or kernel space)
706309863bSEric Dumazet * @optlen: Size of @optval data.
716309863bSEric Dumazet *
726309863bSEric Dumazet * Returns:
736309863bSEric Dumazet * * -EINVAL: @optlen < @ksize
746309863bSEric Dumazet * * -EFAULT: access to userspace failed.
756309863bSEric Dumazet * * 0 : @ksize bytes were copied
766309863bSEric Dumazet */
copy_safe_from_sockptr(void * dst,size_t ksize,sockptr_t optval,unsigned int optlen)776309863bSEric Dumazet static inline int copy_safe_from_sockptr(void *dst, size_t ksize,
786309863bSEric Dumazet sockptr_t optval, unsigned int optlen)
796309863bSEric Dumazet {
806309863bSEric Dumazet if (optlen < ksize)
816309863bSEric Dumazet return -EINVAL;
82eb94b7bbSMichal Luczaj if (copy_from_sockptr(dst, optval, ksize))
83eb94b7bbSMichal Luczaj return -EFAULT;
84eb94b7bbSMichal Luczaj return 0;
856309863bSEric Dumazet }
866309863bSEric Dumazet
copy_struct_from_sockptr(void * dst,size_t ksize,sockptr_t src,size_t usize)874954f17dSDmitry Safonov static inline int copy_struct_from_sockptr(void *dst, size_t ksize,
884954f17dSDmitry Safonov sockptr_t src, size_t usize)
894954f17dSDmitry Safonov {
904954f17dSDmitry Safonov size_t size = min(ksize, usize);
914954f17dSDmitry Safonov size_t rest = max(ksize, usize) - size;
924954f17dSDmitry Safonov
934954f17dSDmitry Safonov if (!sockptr_is_kernel(src))
944954f17dSDmitry Safonov return copy_struct_from_user(dst, ksize, src.user, size);
954954f17dSDmitry Safonov
964954f17dSDmitry Safonov if (usize < ksize) {
974954f17dSDmitry Safonov memset(dst + size, 0, rest);
984954f17dSDmitry Safonov } else if (usize > ksize) {
994954f17dSDmitry Safonov char *p = src.kernel;
1004954f17dSDmitry Safonov
1014954f17dSDmitry Safonov while (rest--) {
1024954f17dSDmitry Safonov if (*p++)
1034954f17dSDmitry Safonov return -E2BIG;
1044954f17dSDmitry Safonov }
1054954f17dSDmitry Safonov }
1064954f17dSDmitry Safonov memcpy(dst, src.kernel, size);
1074954f17dSDmitry Safonov return 0;
1084954f17dSDmitry Safonov }
1094954f17dSDmitry Safonov
copy_to_sockptr_offset(sockptr_t dst,size_t offset,const void * src,size_t size)110d3c48151SChristoph Hellwig static inline int copy_to_sockptr_offset(sockptr_t dst, size_t offset,
111d3c48151SChristoph Hellwig const void *src, size_t size)
112ba423fdaSChristoph Hellwig {
113ba423fdaSChristoph Hellwig if (!sockptr_is_kernel(dst))
114d3c48151SChristoph Hellwig return copy_to_user(dst.user + offset, src, size);
115d3c48151SChristoph Hellwig memcpy(dst.kernel + offset, src, size);
116ba423fdaSChristoph Hellwig return 0;
117ba423fdaSChristoph Hellwig }
118ba423fdaSChristoph Hellwig
copy_to_sockptr(sockptr_t dst,const void * src,size_t size)1194ff09db1SMartin KaFai Lau static inline int copy_to_sockptr(sockptr_t dst, const void *src, size_t size)
1204ff09db1SMartin KaFai Lau {
1214ff09db1SMartin KaFai Lau return copy_to_sockptr_offset(dst, 0, src, size);
1224ff09db1SMartin KaFai Lau }
1234ff09db1SMartin KaFai Lau
memdup_sockptr_noprof(sockptr_t src,size_t len)1242c321f3fSSuren Baghdasaryan static inline void *memdup_sockptr_noprof(sockptr_t src, size_t len)
125ba423fdaSChristoph Hellwig {
1262c321f3fSSuren Baghdasaryan void *p = kmalloc_track_caller_noprof(len, GFP_USER | __GFP_NOWARN);
127ba423fdaSChristoph Hellwig
128ba423fdaSChristoph Hellwig if (!p)
129ba423fdaSChristoph Hellwig return ERR_PTR(-ENOMEM);
130ba423fdaSChristoph Hellwig if (copy_from_sockptr(p, src, len)) {
131ba423fdaSChristoph Hellwig kfree(p);
132ba423fdaSChristoph Hellwig return ERR_PTR(-EFAULT);
133ba423fdaSChristoph Hellwig }
134ba423fdaSChristoph Hellwig return p;
135ba423fdaSChristoph Hellwig }
1362c321f3fSSuren Baghdasaryan #define memdup_sockptr(...) alloc_hooks(memdup_sockptr_noprof(__VA_ARGS__))
137ba423fdaSChristoph Hellwig
memdup_sockptr_nul_noprof(sockptr_t src,size_t len)1382c321f3fSSuren Baghdasaryan static inline void *memdup_sockptr_nul_noprof(sockptr_t src, size_t len)
139ba423fdaSChristoph Hellwig {
1402c321f3fSSuren Baghdasaryan char *p = kmalloc_track_caller_noprof(len + 1, GFP_KERNEL);
141ba423fdaSChristoph Hellwig
142ba423fdaSChristoph Hellwig if (!p)
143ba423fdaSChristoph Hellwig return ERR_PTR(-ENOMEM);
144ba423fdaSChristoph Hellwig if (copy_from_sockptr(p, src, len)) {
145ba423fdaSChristoph Hellwig kfree(p);
146ba423fdaSChristoph Hellwig return ERR_PTR(-EFAULT);
147ba423fdaSChristoph Hellwig }
148ba423fdaSChristoph Hellwig p[len] = '\0';
149ba423fdaSChristoph Hellwig return p;
150ba423fdaSChristoph Hellwig }
1512c321f3fSSuren Baghdasaryan #define memdup_sockptr_nul(...) alloc_hooks(memdup_sockptr_nul_noprof(__VA_ARGS__))
152ba423fdaSChristoph Hellwig
strncpy_from_sockptr(char * dst,sockptr_t src,size_t count)153ba423fdaSChristoph Hellwig static inline long strncpy_from_sockptr(char *dst, sockptr_t src, size_t count)
154ba423fdaSChristoph Hellwig {
155ba423fdaSChristoph Hellwig if (sockptr_is_kernel(src)) {
156ba423fdaSChristoph Hellwig size_t len = min(strnlen(src.kernel, count - 1) + 1, count);
157ba423fdaSChristoph Hellwig
158ba423fdaSChristoph Hellwig memcpy(dst, src.kernel, len);
159ba423fdaSChristoph Hellwig return len;
160ba423fdaSChristoph Hellwig }
161ba423fdaSChristoph Hellwig return strncpy_from_user(dst, src.user, count);
162ba423fdaSChristoph Hellwig }
163ba423fdaSChristoph Hellwig
check_zeroed_sockptr(sockptr_t src,size_t offset,size_t size)16488527790SJakub Kicinski static inline int check_zeroed_sockptr(sockptr_t src, size_t offset,
16588527790SJakub Kicinski size_t size)
16688527790SJakub Kicinski {
16788527790SJakub Kicinski if (!sockptr_is_kernel(src))
16888527790SJakub Kicinski return check_zeroed_user(src.user + offset, size);
16988527790SJakub Kicinski return memchr_inv(src.kernel + offset, 0, size) == NULL;
17088527790SJakub Kicinski }
17188527790SJakub Kicinski
172ba423fdaSChristoph Hellwig #endif /* _LINUX_SOCKPTR_H */
173