ktest: Add minor fixes for kernel tests

[akaros.git] / kern / include / umem.h

/* Copyright (c) 2009, 2010 The Regents of the University of California
 * Barret Rhoden <brho@cs.berkeley.edu>
 * Andrew Waterman <waterman@cs.berkeley.edu>
 * See LICENSE for details.
 *
 * Functions for working with userspace's address space. */

#pragma once

#include <ros/common.h>
#include <process.h>

/* Is this a valid user pointer for read/write?  It doesn't care if the address
 * is paged out or even an unmapped region: simply if it is in part of the
 * address space that could be RW user.  Will also check for len bytes. */
static inline bool is_user_rwaddr(const void *addr, size_t len);
/* Same deal, but read-only */
static inline bool is_user_raddr(const void *addr, size_t len);

#include <arch/uaccess.h>

int strcpy_from_user(struct proc *p, char *dst, const char *src);
int strcpy_to_user(struct proc *p, char *dst, const char *src);

/**
 * @brief Copies data from a user buffer to a kernel buffer.
 *
 * @param p    the process associated with the user program
 *             from which the buffer is being copied
 * @param dest the destination address of the kernel buffer
 * @param va   the address of the userspace buffer from which we are copying
 * @param len  the length of the userspace buffer
 *
 * @return ESUCCESS on success
 * @return -EFAULT  the page assocaited with 'va' is not present, the user
 *                  lacks the proper permissions, or there was an invalid 'va'
 */
int memcpy_from_user(struct proc *p, void *dest, const void *va, size_t len);

/**
 * @brief Copies data to a user buffer from a kernel buffer.
 *
 * @param p    the process associated with the user program
 *             to which the buffer is being copied
 * @param dest the destination address of the user buffer
 * @param src  the address of the kernel buffer from which we are copying
 * @param len  the length of the user buffer
 *
 * @return ESUCCESS on success
 * @return -EFAULT  the page assocaited with 'va' is not present, the user
 *                  lacks the proper permissions, or there was an invalid 'va'
 */
int memcpy_to_user(struct proc *p, void *dest, const void *src, size_t len);

/* Same as above, but sets errno */
int memcpy_from_user_errno(struct proc *p, void *dst, const void *src, int len);
int memcpy_to_user_errno(struct proc *p, void *dst, const void *src, int len);
void memcpy_to_safe(void *dst, const void *src, size_t amt);
void memcpy_from_safe(void *dst, const void *src, size_t amt);

/* Creates a buffer (kmalloc) and safely copies into it from va.  Can return an
 * error code.  Check its response with IS_ERR().  Must be paired with
 * user_memdup_free() if this succeeded. */
void *user_memdup(struct proc *p, const void *va, int len);
/* Same as above, but sets errno */
void *user_memdup_errno(struct proc *p, const void *va, int len);
void user_memdup_free(struct proc *p, void *va);
/* Same as memdup, but just does strings.  still needs memdup_freed */
char *user_strdup(struct proc *p, const char *u_string, size_t strlen);
char *user_strdup_errno(struct proc *p, const char *u_string, size_t strlen);
char *copy_in_path(struct proc *p, const char *path, size_t path_l);
void free_path(struct proc *p, char *t_path);
void *kmalloc_errno(int len);
bool uva_is_kva(struct proc *p, void *uva, void *kva);
uintptr_t uva2kva(struct proc *p, void *uva, size_t len, int prot);
/* In arch/pmap{64}.c */
uintptr_t gva2gpa(struct proc *p, uintptr_t cr3, uintptr_t gva);

/* Helper for is_user_r{w,}addr.
 *
 * These checks are for addresses that the kernel accesses on behalf of the
 * user, which are mapped into the user's address space.  One interpretation is
 * whether or not the user is allowed to refer to this memory, hence the
 * MMAP_LOWEST_VA check.  But note that the user is allowed to attempt virtual
 * memory accesses outside of this range.  VMM code may interpose on low memory
 * PFs to emulate certain instructions.  However, the kernel should never be
 * given such a pointer.
 *
 * Without the MMAP_LOWEST_VA check, the kernel would still PF on a bad user
 * pointer (say the user gave us 0x10; we have nothing mapped at addr 0).
 * However, it would be more difficult to detect if the PF was the kernel acting
 * on behalf of the user or if the kernel itself had a null pointer deref.  By
 * checking early, the kernel will catch low addresses and error out before page
 * faulting. */
static inline bool __is_user_addr(const void *addr, size_t len, uintptr_t lim)
{
        if (unlikely((uintptr_t) addr < MMAP_LOWEST_VA))
                return FALSE;
        if (unlikely((uintptr_t) addr >= lim))
                return FALSE;
        if (unlikely(lim - (uintptr_t) addr < len))
                return FALSE;

        return TRUE;
}

static inline size_t __valid_user_bytes_from(const void *addr, uintptr_t lim)
{
        if (unlikely((uintptr_t) addr < MMAP_LOWEST_VA))
                return 0;
        if (unlikely((uintptr_t) addr >= lim))
                return 0;

        return (size_t) (lim - (uintptr_t) addr);
}

/* UWLIM is defined as virtual address below which a process can write */
static inline bool is_user_rwaddr(const void *addr, size_t len)
{
        return __is_user_addr(addr, len, UWLIM);
}

/* ULIM is defined as virtual address below which a process can read */
static inline bool is_user_raddr(const void *addr, size_t len)
{
        return __is_user_addr(addr, len, ULIM);
}

static inline size_t valid_user_rwbytes_from(const void *addr)
{
        return __valid_user_bytes_from(addr, UWLIM);
}

static inline size_t valid_user_rbytes_from(const void *addr)
{
        return __valid_user_bytes_from(addr, ULIM);
}