1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/compiler.h>
3 #include <linux/export.h>
4 #include <linux/kasan-checks.h>
5 #include <linux/thread_info.h>
6 #include <linux/uaccess.h>
7 #include <linux/kernel.h>
8 #include <linux/errno.h>
10 #include <asm/byteorder.h>
11 #include <asm/word-at-a-time.h>
13 #ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
14 #define IS_UNALIGNED(src, dst) 0
16 #define IS_UNALIGNED(src, dst) \
17 (((long) dst | (long) src) & (sizeof(long) - 1))
21 * Do a strncpy, return length of string without final '\0'.
22 * 'count' is the user-supplied count (return 'count' if we
23 * hit it), 'max' is the address space maximum (and we return
24 * -EFAULT if we hit it).
26 static inline long do_strncpy_from_user(char *dst
, const char __user
*src
, long count
, unsigned long max
)
28 const struct word_at_a_time constants
= WORD_AT_A_TIME_CONSTANTS
;
32 * Truncate 'max' to the user-specified limit, so that
33 * we only have one limit we need to check in the loop
38 if (IS_UNALIGNED(src
, dst
))
41 while (max
>= sizeof(unsigned long)) {
42 unsigned long c
, data
;
44 /* Fall back to byte-at-a-time if we get a page fault */
45 unsafe_get_user(c
, (unsigned long __user
*)(src
+res
), byte_at_a_time
);
47 *(unsigned long *)(dst
+res
) = c
;
48 if (has_zero(c
, &data
, &constants
)) {
49 data
= prep_zero_mask(c
, data
, &constants
);
50 data
= create_zero_mask(data
);
51 return res
+ find_zero(data
);
53 res
+= sizeof(unsigned long);
54 max
-= sizeof(unsigned long);
61 unsafe_get_user(c
,src
+res
, efault
);
70 * Uhhuh. We hit 'max'. But was that the user-specified maximum
71 * too? If so, that's ok - we got as much as the user asked for.
77 * Nope: we hit the address space limit, and we still had more
78 * characters the caller would have wanted. That's an EFAULT.
85 * strncpy_from_user: - Copy a NUL terminated string from userspace.
86 * @dst: Destination address, in kernel space. This buffer must be at
87 * least @count bytes long.
88 * @src: Source address, in user space.
89 * @count: Maximum number of bytes to copy, including the trailing NUL.
91 * Copies a NUL-terminated string from userspace to kernel space.
93 * On success, returns the length of the string (not including the trailing
96 * If access to userspace fails, returns -EFAULT (some data may have been
99 * If @count is smaller than the length of the string, copies @count bytes
100 * and returns @count.
102 long strncpy_from_user(char *dst
, const char __user
*src
, long count
)
104 unsigned long max_addr
, src_addr
;
106 if (unlikely(count
<= 0))
109 max_addr
= user_addr_max();
110 src_addr
= (unsigned long)src
;
111 if (likely(src_addr
< max_addr
)) {
112 unsigned long max
= max_addr
- src_addr
;
115 kasan_check_write(dst
, count
);
116 check_object_size(dst
, count
, false);
117 if (user_access_begin(src
, max
)) {
118 retval
= do_strncpy_from_user(dst
, src
, count
, max
);
125 EXPORT_SYMBOL(strncpy_from_user
);