2 * linux/arch/arm/lib/uaccess_with_memcpy.c
4 * Written by: Lennert Buytenhek and Nicolas Pitre
5 * Copyright (C) 2009 Marvell Semiconductor
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
12 #include <linux/kernel.h>
13 #include <linux/ctype.h>
14 #include <linux/uaccess.h>
15 #include <linux/rwsem.h>
17 #include <linux/sched.h>
18 #include <linux/hardirq.h> /* for in_atomic() */
19 #include <linux/gfp.h>
20 #include <linux/highmem.h>
21 #include <asm/current.h>
25 pin_page_for_write(const void __user *_addr, pte_t **ptep, spinlock_t **ptlp)
27 unsigned long addr = (unsigned long)_addr;
34 pgd = pgd_offset(current->mm, addr);
35 if (unlikely(pgd_none(*pgd) || pgd_bad(*pgd)))
38 pud = pud_offset(pgd, addr);
39 if (unlikely(pud_none(*pud) || pud_bad(*pud)))
42 pmd = pmd_offset(pud, addr);
43 if (unlikely(pmd_none(*pmd)))
47 * A pmd can be bad if it refers to a HugeTLB or THP page.
49 * Both THP and HugeTLB pages have the same pmd layout
50 * and should not be manipulated by the pte functions.
52 * Lock the page table for the destination and check
53 * to see that it's still huge and whether or not we will
54 * need to fault on write, or if we have a splitting THP.
56 if (unlikely(pmd_thp_or_huge(*pmd))) {
57 ptl = ¤t->mm->page_table_lock;
59 if (unlikely( !pmd_thp_or_huge(*pmd)
60 || pmd_hugewillfault(*pmd)
61 || pmd_trans_splitting(*pmd))) {
71 if (unlikely(pmd_bad(*pmd)))
74 pte = pte_offset_map_lock(current->mm, pmd, addr, &ptl);
75 if (unlikely(!pte_present(*pte) || !pte_young(*pte) ||
76 !pte_write(*pte) || !pte_dirty(*pte))) {
77 pte_unmap_unlock(pte, ptl);
87 static unsigned long noinline
88 __copy_to_user_memcpy(void __user *to, const void *from, unsigned long n)
92 if (unlikely(segment_eq(get_fs(), KERNEL_DS))) {
93 memcpy((void *)to, from, n);
97 /* the mmap semaphore is taken only if not in an atomic context */
101 down_read(¤t->mm->mmap_sem);
107 while (!pin_page_for_write(to, &pte, &ptl)) {
109 up_read(¤t->mm->mmap_sem);
110 if (__put_user(0, (char __user *)to))
113 down_read(¤t->mm->mmap_sem);
116 tocopy = (~(unsigned long)to & ~PAGE_MASK) + 1;
120 memcpy((void *)to, from, tocopy);
126 pte_unmap_unlock(pte, ptl);
131 up_read(¤t->mm->mmap_sem);
138 __copy_to_user(void __user *to, const void *from, unsigned long n)
141 * This test is stubbed out of the main function above to keep
142 * the overhead for small copies low by avoiding a large
143 * register dump on the stack just to reload them right away.
144 * With frame pointer disabled, tail call optimization kicks in
145 * as well making this test almost invisible.
148 return __copy_to_user_std(to, from, n);
149 return __copy_to_user_memcpy(to, from, n);
152 static unsigned long noinline
153 __clear_user_memset(void __user *addr, unsigned long n)
155 if (unlikely(segment_eq(get_fs(), KERNEL_DS))) {
156 memset((void *)addr, 0, n);
160 down_read(¤t->mm->mmap_sem);
166 while (!pin_page_for_write(addr, &pte, &ptl)) {
167 up_read(¤t->mm->mmap_sem);
168 if (__put_user(0, (char __user *)addr))
170 down_read(¤t->mm->mmap_sem);
173 tocopy = (~(unsigned long)addr & ~PAGE_MASK) + 1;
177 memset((void *)addr, 0, tocopy);
182 pte_unmap_unlock(pte, ptl);
186 up_read(¤t->mm->mmap_sem);
192 unsigned long __clear_user(void __user *addr, unsigned long n)
194 /* See rational for this in __copy_to_user() above. */
196 return __clear_user_std(addr, n);
197 return __clear_user_memset(addr, n);
203 * This code is disabled by default, but kept around in case the chosen
204 * thresholds need to be revalidated. Some overhead (small but still)
205 * would be implied by a runtime determined variable threshold, and
206 * so far the measurement on concerned targets didn't show a worthwhile
209 * Note that a fairly precise sched_clock() implementation is needed
210 * for results to make some sense.
213 #include <linux/vmalloc.h>
215 static int __init test_size_treshold(void)
217 struct page *src_page, *dst_page;
218 void *user_ptr, *kernel_ptr;
219 unsigned long long t0, t1, t2;
223 src_page = alloc_page(GFP_KERNEL);
226 dst_page = alloc_page(GFP_KERNEL);
229 kernel_ptr = page_address(src_page);
230 user_ptr = vmap(&dst_page, 1, VM_IOREMAP, __pgprot(__P010));
234 /* warm up the src page dcache */
235 ret = __copy_to_user_memcpy(user_ptr, kernel_ptr, PAGE_SIZE);
237 for (size = PAGE_SIZE; size >= 4; size /= 2) {
239 ret |= __copy_to_user_memcpy(user_ptr, kernel_ptr, size);
241 ret |= __copy_to_user_std(user_ptr, kernel_ptr, size);
243 printk("copy_to_user: %d %llu %llu\n", size, t1 - t0, t2 - t1);
246 for (size = PAGE_SIZE; size >= 4; size /= 2) {
248 ret |= __clear_user_memset(user_ptr, size);
250 ret |= __clear_user_std(user_ptr, size);
252 printk("clear_user: %d %llu %llu\n", size, t1 - t0, t2 - t1);
267 subsys_initcall(test_size_treshold);