blob: 230020a2e076ce9e14e2a2c960218eac5f6e0134 [file] [log] [blame]
Thomas Gleixner457c8992019-05-19 13:08:55 +01001// SPDX-License-Identifier: GPL-2.0-only
James Bottomley3c9f3682008-08-31 10:13:54 -05002/*
3 * Helpers for formatting and printing strings
4 *
5 * Copyright 31 August 2008 James Bottomley
Andy Shevchenko16c7fa02013-04-30 15:27:30 -07006 * Copyright (C) 2013, Intel Corporation
James Bottomley3c9f3682008-08-31 10:13:54 -05007 */
James Bottomleyb9f28d82015-03-05 18:47:01 -08008#include <linux/bug.h>
James Bottomley3c9f3682008-08-31 10:13:54 -05009#include <linux/kernel.h>
10#include <linux/math64.h>
Paul Gortmaker8bc3bcc2011-11-16 21:29:17 -050011#include <linux/export.h>
Andy Shevchenko16c7fa02013-04-30 15:27:30 -070012#include <linux/ctype.h>
Andy Shevchenkoacdb89b2021-11-05 14:42:25 +020013#include <linux/device.h>
Andy Shevchenkoc8250382014-10-13 15:55:16 -070014#include <linux/errno.h>
Kees Cook21985312016-04-20 15:46:25 -070015#include <linux/fs.h>
16#include <linux/limits.h>
Kees Cook0d044322016-04-20 15:46:24 -070017#include <linux/mm.h>
Kees Cookb53f27e2016-04-20 15:46:23 -070018#include <linux/slab.h>
Andy Shevchenkoc8250382014-10-13 15:55:16 -070019#include <linux/string.h>
James Bottomley3c9f3682008-08-31 10:13:54 -050020#include <linux/string_helpers.h>
21
22/**
23 * string_get_size - get the size in the specified units
James Bottomleyb9f28d82015-03-05 18:47:01 -080024 * @size: The size to be converted in blocks
25 * @blk_size: Size of the block (use 1 for size in bytes)
James Bottomley3c9f3682008-08-31 10:13:54 -050026 * @units: units to use (powers of 1000 or 1024)
27 * @buf: buffer to format to
28 * @len: length of buffer
29 *
30 * This function returns a string formatted to 3 significant figures
Rasmus Villemoesd1214c62015-02-12 15:01:50 -080031 * giving the size in the required units. @buf should have room for
32 * at least 9 bytes and will always be zero terminated.
James Bottomley3c9f3682008-08-31 10:13:54 -050033 *
34 */
James Bottomleyb9f28d82015-03-05 18:47:01 -080035void string_get_size(u64 size, u64 blk_size, const enum string_size_units units,
Rasmus Villemoesd1214c62015-02-12 15:01:50 -080036 char *buf, int len)
James Bottomley3c9f3682008-08-31 10:13:54 -050037{
Mathias Krause142cda52014-08-06 16:09:31 -070038 static const char *const units_10[] = {
James Bottomleyb9f28d82015-03-05 18:47:01 -080039 "B", "kB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB"
Mathias Krause142cda52014-08-06 16:09:31 -070040 };
41 static const char *const units_2[] = {
James Bottomleyb9f28d82015-03-05 18:47:01 -080042 "B", "KiB", "MiB", "GiB", "TiB", "PiB", "EiB", "ZiB", "YiB"
Mathias Krause142cda52014-08-06 16:09:31 -070043 };
44 static const char *const *const units_str[] = {
45 [STRING_UNITS_10] = units_10,
James Bottomley3c9f3682008-08-31 10:13:54 -050046 [STRING_UNITS_2] = units_2,
47 };
Andrew Morton68aecfb2012-05-29 15:07:32 -070048 static const unsigned int divisor[] = {
James Bottomley3c9f3682008-08-31 10:13:54 -050049 [STRING_UNITS_10] = 1000,
50 [STRING_UNITS_2] = 1024,
51 };
James Bottomley564b0262016-01-20 14:58:29 -080052 static const unsigned int rounding[] = { 500, 50, 5 };
53 int i = 0, j;
54 u32 remainder = 0, sf_cap;
James Bottomley3c9f3682008-08-31 10:13:54 -050055 char tmp[8];
James Bottomleyb9f28d82015-03-05 18:47:01 -080056 const char *unit;
James Bottomley3c9f3682008-08-31 10:13:54 -050057
58 tmp[0] = '\0';
James Bottomley564b0262016-01-20 14:58:29 -080059
60 if (blk_size == 0)
61 size = 0;
62 if (size == 0)
James Bottomleyb9f28d82015-03-05 18:47:01 -080063 goto out;
James Bottomley3c9f3682008-08-31 10:13:54 -050064
James Bottomley564b0262016-01-20 14:58:29 -080065 /* This is Napier's algorithm. Reduce the original block size to
66 *
67 * coefficient * divisor[units]^i
68 *
69 * we do the reduction so both coefficients are just under 32 bits so
70 * that multiplying them together won't overflow 64 bits and we keep
71 * as much precision as possible in the numbers.
72 *
73 * Note: it's safe to throw away the remainders here because all the
74 * precision is in the coefficients.
Vitaly Kuznetsov62bef582015-09-17 16:01:51 -070075 */
James Bottomley564b0262016-01-20 14:58:29 -080076 while (blk_size >> 32) {
77 do_div(blk_size, divisor[units]);
James Bottomleyb9f28d82015-03-05 18:47:01 -080078 i++;
James Bottomleyb9f28d82015-03-05 18:47:01 -080079 }
80
James Bottomley564b0262016-01-20 14:58:29 -080081 while (size >> 32) {
82 do_div(size, divisor[units]);
83 i++;
84 }
James Bottomleyb9f28d82015-03-05 18:47:01 -080085
James Bottomley564b0262016-01-20 14:58:29 -080086 /* now perform the actual multiplication keeping i as the sum of the
87 * two logarithms */
88 size *= blk_size;
89
90 /* and logarithmically reduce it until it's just under the divisor */
James Bottomleyb9f28d82015-03-05 18:47:01 -080091 while (size >= divisor[units]) {
92 remainder = do_div(size, divisor[units]);
93 i++;
94 }
95
James Bottomley564b0262016-01-20 14:58:29 -080096 /* work out in j how many digits of precision we need from the
97 * remainder */
James Bottomleyb9f28d82015-03-05 18:47:01 -080098 sf_cap = size;
99 for (j = 0; sf_cap*10 < 1000; j++)
100 sf_cap *= 10;
101
James Bottomley564b0262016-01-20 14:58:29 -0800102 if (units == STRING_UNITS_2) {
103 /* express the remainder as a decimal. It's currently the
104 * numerator of a fraction whose denominator is
105 * divisor[units], which is 1 << 10 for STRING_UNITS_2 */
James Bottomleyb9f28d82015-03-05 18:47:01 -0800106 remainder *= 1000;
James Bottomley564b0262016-01-20 14:58:29 -0800107 remainder >>= 10;
108 }
109
110 /* add a 5 to the digit below what will be printed to ensure
111 * an arithmetical round up and carry it through to size */
112 remainder += rounding[j];
113 if (remainder >= 1000) {
114 remainder -= 1000;
115 size += 1;
116 }
117
118 if (j) {
James Bottomleyb9f28d82015-03-05 18:47:01 -0800119 snprintf(tmp, sizeof(tmp), ".%03u", remainder);
120 tmp[j+1] = '\0';
121 }
122
123 out:
124 if (i >= ARRAY_SIZE(units_2))
125 unit = "UNK";
126 else
127 unit = units_str[units][i];
128
Rasmus Villemoes84b9fbe2015-02-12 15:01:48 -0800129 snprintf(buf, len, "%u%s %s", (u32)size,
James Bottomleyb9f28d82015-03-05 18:47:01 -0800130 tmp, unit);
James Bottomley3c9f3682008-08-31 10:13:54 -0500131}
132EXPORT_SYMBOL(string_get_size);
Andy Shevchenko16c7fa02013-04-30 15:27:30 -0700133
Cezary Rojewskif0b93322022-09-04 12:28:39 +0200134/**
135 * parse_int_array_user - Split string into a sequence of integers
136 * @from: The user space buffer to read from
137 * @count: The maximum number of bytes to read
138 * @array: Returned pointer to sequence of integers
139 *
140 * On success @array is allocated and initialized with a sequence of
141 * integers extracted from the @from plus an additional element that
142 * begins the sequence and specifies the integers count.
143 *
144 * Caller takes responsibility for freeing @array when it is no longer
145 * needed.
146 */
147int parse_int_array_user(const char __user *from, size_t count, int **array)
148{
149 int *ints, nints;
150 char *buf;
151 int ret = 0;
152
153 buf = memdup_user_nul(from, count);
154 if (IS_ERR(buf))
155 return PTR_ERR(buf);
156
157 get_options(buf, 0, &nints);
158 if (!nints) {
159 ret = -ENOENT;
160 goto free_buf;
161 }
162
163 ints = kcalloc(nints + 1, sizeof(*ints), GFP_KERNEL);
164 if (!ints) {
165 ret = -ENOMEM;
166 goto free_buf;
167 }
168
169 get_options(buf, nints + 1, ints);
170 *array = ints;
171
172free_buf:
173 kfree(buf);
174 return ret;
175}
176EXPORT_SYMBOL(parse_int_array_user);
177
Andy Shevchenko16c7fa02013-04-30 15:27:30 -0700178static bool unescape_space(char **src, char **dst)
179{
180 char *p = *dst, *q = *src;
181
182 switch (*q) {
183 case 'n':
184 *p = '\n';
185 break;
186 case 'r':
187 *p = '\r';
188 break;
189 case 't':
190 *p = '\t';
191 break;
192 case 'v':
193 *p = '\v';
194 break;
195 case 'f':
196 *p = '\f';
197 break;
198 default:
199 return false;
200 }
201 *dst += 1;
202 *src += 1;
203 return true;
204}
205
206static bool unescape_octal(char **src, char **dst)
207{
208 char *p = *dst, *q = *src;
209 u8 num;
210
211 if (isodigit(*q) == 0)
212 return false;
213
214 num = (*q++) & 7;
215 while (num < 32 && isodigit(*q) && (q - *src < 3)) {
216 num <<= 3;
217 num += (*q++) & 7;
218 }
219 *p = num;
220 *dst += 1;
221 *src = q;
222 return true;
223}
224
225static bool unescape_hex(char **src, char **dst)
226{
227 char *p = *dst, *q = *src;
228 int digit;
229 u8 num;
230
231 if (*q++ != 'x')
232 return false;
233
234 num = digit = hex_to_bin(*q++);
235 if (digit < 0)
236 return false;
237
238 digit = hex_to_bin(*q);
239 if (digit >= 0) {
240 q++;
241 num = (num << 4) | digit;
242 }
243 *p = num;
244 *dst += 1;
245 *src = q;
246 return true;
247}
248
249static bool unescape_special(char **src, char **dst)
250{
251 char *p = *dst, *q = *src;
252
253 switch (*q) {
254 case '\"':
255 *p = '\"';
256 break;
257 case '\\':
258 *p = '\\';
259 break;
260 case 'a':
261 *p = '\a';
262 break;
263 case 'e':
264 *p = '\e';
265 break;
266 default:
267 return false;
268 }
269 *dst += 1;
270 *src += 1;
271 return true;
272}
273
Andy Shevchenkod2956342014-10-13 15:55:11 -0700274/**
275 * string_unescape - unquote characters in the given string
276 * @src: source buffer (escaped)
277 * @dst: destination buffer (unescaped)
278 * @size: size of the destination buffer (0 to unlimit)
Jonathan Corbetb4658cd2019-07-16 16:27:36 -0700279 * @flags: combination of the flags.
Andy Shevchenkod2956342014-10-13 15:55:11 -0700280 *
281 * Description:
282 * The function unquotes characters in the given string.
283 *
284 * Because the size of the output will be the same as or less than the size of
285 * the input, the transformation may be performed in place.
286 *
287 * Caller must provide valid source and destination pointers. Be aware that
288 * destination buffer will always be NULL-terminated. Source string must be
Jonathan Corbetb4658cd2019-07-16 16:27:36 -0700289 * NULL-terminated as well. The supported flags are::
290 *
291 * UNESCAPE_SPACE:
292 * '\f' - form feed
293 * '\n' - new line
294 * '\r' - carriage return
295 * '\t' - horizontal tab
296 * '\v' - vertical tab
297 * UNESCAPE_OCTAL:
298 * '\NNN' - byte with octal value NNN (1 to 3 digits)
299 * UNESCAPE_HEX:
300 * '\xHH' - byte with hexadecimal value HH (1 to 2 digits)
301 * UNESCAPE_SPECIAL:
302 * '\"' - double quote
303 * '\\' - backslash
304 * '\a' - alert (BEL)
305 * '\e' - escape
306 * UNESCAPE_ANY:
307 * all previous together
Andy Shevchenkod2956342014-10-13 15:55:11 -0700308 *
309 * Return:
310 * The amount of the characters processed to the destination buffer excluding
311 * trailing '\0' is returned.
312 */
Andy Shevchenko16c7fa02013-04-30 15:27:30 -0700313int string_unescape(char *src, char *dst, size_t size, unsigned int flags)
314{
315 char *out = dst;
316
317 while (*src && --size) {
318 if (src[0] == '\\' && src[1] != '\0' && size > 1) {
319 src++;
320 size--;
321
322 if (flags & UNESCAPE_SPACE &&
323 unescape_space(&src, &out))
324 continue;
325
326 if (flags & UNESCAPE_OCTAL &&
327 unescape_octal(&src, &out))
328 continue;
329
330 if (flags & UNESCAPE_HEX &&
331 unescape_hex(&src, &out))
332 continue;
333
334 if (flags & UNESCAPE_SPECIAL &&
335 unescape_special(&src, &out))
336 continue;
337
338 *out++ = '\\';
339 }
340 *out++ = *src++;
341 }
342 *out = '\0';
343
344 return out - dst;
345}
346EXPORT_SYMBOL(string_unescape);
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700347
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700348static bool escape_passthrough(unsigned char c, char **dst, char *end)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700349{
350 char *out = *dst;
351
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700352 if (out < end)
353 *out = c;
354 *dst = out + 1;
355 return true;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700356}
357
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700358static bool escape_space(unsigned char c, char **dst, char *end)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700359{
360 char *out = *dst;
361 unsigned char to;
362
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700363 switch (c) {
364 case '\n':
365 to = 'n';
366 break;
367 case '\r':
368 to = 'r';
369 break;
370 case '\t':
371 to = 't';
372 break;
373 case '\v':
374 to = 'v';
375 break;
376 case '\f':
377 to = 'f';
378 break;
379 default:
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700380 return false;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700381 }
382
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700383 if (out < end)
384 *out = '\\';
385 ++out;
386 if (out < end)
387 *out = to;
388 ++out;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700389
390 *dst = out;
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700391 return true;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700392}
393
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700394static bool escape_special(unsigned char c, char **dst, char *end)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700395{
396 char *out = *dst;
397 unsigned char to;
398
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700399 switch (c) {
400 case '\\':
401 to = '\\';
402 break;
403 case '\a':
404 to = 'a';
405 break;
406 case '\e':
407 to = 'e';
408 break;
Chris Down91027d02021-06-15 17:52:45 +0100409 case '"':
410 to = '"';
411 break;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700412 default:
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700413 return false;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700414 }
415
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700416 if (out < end)
417 *out = '\\';
418 ++out;
419 if (out < end)
420 *out = to;
421 ++out;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700422
423 *dst = out;
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700424 return true;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700425}
426
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700427static bool escape_null(unsigned char c, char **dst, char *end)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700428{
429 char *out = *dst;
430
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700431 if (c)
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700432 return false;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700433
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700434 if (out < end)
435 *out = '\\';
436 ++out;
437 if (out < end)
438 *out = '0';
439 ++out;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700440
441 *dst = out;
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700442 return true;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700443}
444
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700445static bool escape_octal(unsigned char c, char **dst, char *end)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700446{
447 char *out = *dst;
448
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700449 if (out < end)
450 *out = '\\';
451 ++out;
452 if (out < end)
453 *out = ((c >> 6) & 0x07) + '0';
454 ++out;
455 if (out < end)
456 *out = ((c >> 3) & 0x07) + '0';
457 ++out;
458 if (out < end)
459 *out = ((c >> 0) & 0x07) + '0';
460 ++out;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700461
462 *dst = out;
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700463 return true;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700464}
465
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700466static bool escape_hex(unsigned char c, char **dst, char *end)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700467{
468 char *out = *dst;
469
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700470 if (out < end)
471 *out = '\\';
472 ++out;
473 if (out < end)
474 *out = 'x';
475 ++out;
476 if (out < end)
477 *out = hex_asc_hi(c);
478 ++out;
479 if (out < end)
480 *out = hex_asc_lo(c);
481 ++out;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700482
483 *dst = out;
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700484 return true;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700485}
486
487/**
488 * string_escape_mem - quote characters in the given memory buffer
489 * @src: source buffer (unescaped)
490 * @isz: source buffer size
491 * @dst: destination buffer (escaped)
492 * @osz: destination buffer size
Jonathan Corbetb4658cd2019-07-16 16:27:36 -0700493 * @flags: combination of the flags
494 * @only: NULL-terminated string containing characters used to limit
495 * the selected escape class. If characters are included in @only
496 * that would not normally be escaped by the classes selected
497 * in @flags, they will be copied to @dst unescaped.
498 *
499 * Description:
500 * The process of escaping byte buffer includes several parts. They are applied
501 * in the following sequence.
502 *
Andy Shevchenko62519b82021-06-30 18:55:08 -0700503 * 1. The character is not matched to the one from @only string and thus
Jonathan Corbetb4658cd2019-07-16 16:27:36 -0700504 * must go as-is to the output.
Andy Shevchenko0362c272021-06-30 18:55:17 -0700505 * 2. The character is matched to the printable and ASCII classes, if asked,
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700506 * and in case of match it passes through to the output.
Andy Shevchenko0362c272021-06-30 18:55:17 -0700507 * 3. The character is matched to the printable or ASCII class, if asked,
508 * and in case of match it passes through to the output.
509 * 4. The character is checked if it falls into the class given by @flags.
Jonathan Corbetb4658cd2019-07-16 16:27:36 -0700510 * %ESCAPE_OCTAL and %ESCAPE_HEX are going last since they cover any
511 * character. Note that they actually can't go together, otherwise
512 * %ESCAPE_HEX will be ignored.
513 *
514 * Caller must provide valid source and destination pointers. Be aware that
515 * destination buffer will not be NULL-terminated, thus caller have to append
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700516 * it if needs. The supported flags are::
Jonathan Corbetb4658cd2019-07-16 16:27:36 -0700517 *
Kees Cookd89a3f72015-09-09 15:37:14 -0700518 * %ESCAPE_SPACE: (special white space, not space itself)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700519 * '\f' - form feed
520 * '\n' - new line
521 * '\r' - carriage return
522 * '\t' - horizontal tab
523 * '\v' - vertical tab
524 * %ESCAPE_SPECIAL:
Chris Down91027d02021-06-15 17:52:45 +0100525 * '\"' - double quote
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700526 * '\\' - backslash
527 * '\a' - alert (BEL)
528 * '\e' - escape
529 * %ESCAPE_NULL:
530 * '\0' - null
531 * %ESCAPE_OCTAL:
532 * '\NNN' - byte with octal value NNN (3 digits)
533 * %ESCAPE_ANY:
534 * all previous together
535 * %ESCAPE_NP:
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700536 * escape only non-printable characters, checked by isprint()
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700537 * %ESCAPE_ANY_NP:
538 * all previous together
539 * %ESCAPE_HEX:
540 * '\xHH' - byte with hexadecimal value HH (2 digits)
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700541 * %ESCAPE_NA:
542 * escape only non-ascii characters, checked by isascii()
Andy Shevchenko0362c272021-06-30 18:55:17 -0700543 * %ESCAPE_NAP:
544 * escape only non-printable or non-ascii characters
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700545 * %ESCAPE_APPEND:
546 * append characters from @only to be escaped by the given classes
547 *
548 * %ESCAPE_APPEND would help to pass additional characters to the escaped, when
549 * one of %ESCAPE_NP, %ESCAPE_NA, or %ESCAPE_NAP is provided.
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700550 *
Andy Shevchenko0362c272021-06-30 18:55:17 -0700551 * One notable caveat, the %ESCAPE_NAP, %ESCAPE_NP and %ESCAPE_NA have the
552 * higher priority than the rest of the flags (%ESCAPE_NAP is the highest).
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700553 * It doesn't make much sense to use either of them without %ESCAPE_OCTAL
554 * or %ESCAPE_HEX, because they cover most of the other character classes.
Andy Shevchenko0362c272021-06-30 18:55:17 -0700555 * %ESCAPE_NAP can utilize %ESCAPE_SPACE or %ESCAPE_SPECIAL in addition to
556 * the above.
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700557 *
558 * Return:
Rasmus Villemoes41416f22015-04-15 16:17:28 -0700559 * The total size of the escaped output that would be generated for
560 * the given input and flags. To check whether the output was
561 * truncated, compare the return value to osz. There is room left in
562 * dst for a '\0' terminator if and only if ret < osz.
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700563 */
Rasmus Villemoes41416f22015-04-15 16:17:28 -0700564int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz,
Kees Cookb40bdb72015-09-09 15:37:16 -0700565 unsigned int flags, const char *only)
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700566{
Rasmus Villemoes41416f22015-04-15 16:17:28 -0700567 char *p = dst;
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700568 char *end = p + osz;
Kees Cookb40bdb72015-09-09 15:37:16 -0700569 bool is_dict = only && *only;
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700570 bool is_append = flags & ESCAPE_APPEND;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700571
572 while (isz--) {
573 unsigned char c = *src++;
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700574 bool in_dict = is_dict && strchr(only, c);
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700575
576 /*
577 * Apply rules in the following sequence:
Kees Cookb40bdb72015-09-09 15:37:16 -0700578 * - the @only string is supplied and does not contain a
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700579 * character under question
Andy Shevchenko0362c272021-06-30 18:55:17 -0700580 * - the character is printable and ASCII, when @flags has
581 * %ESCAPE_NAP bit set
Andy Shevchenko62519b82021-06-30 18:55:08 -0700582 * - the character is printable, when @flags has
583 * %ESCAPE_NP bit set
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700584 * - the character is ASCII, when @flags has
585 * %ESCAPE_NA bit set
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700586 * - the character doesn't fall into a class of symbols
587 * defined by given @flags
588 * In these cases we just pass through a character to the
589 * output buffer.
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700590 *
591 * When %ESCAPE_APPEND is passed, the characters from @only
592 * have been excluded from the %ESCAPE_NAP, %ESCAPE_NP, and
593 * %ESCAPE_NA cases.
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700594 */
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700595 if (!(is_append || in_dict) && is_dict &&
Andy Shevchenko7e5969a2021-06-30 18:55:11 -0700596 escape_passthrough(c, &p, end))
597 continue;
Andy Shevchenko62519b82021-06-30 18:55:08 -0700598
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700599 if (!(is_append && in_dict) && isascii(c) && isprint(c) &&
Andy Shevchenko0362c272021-06-30 18:55:17 -0700600 flags & ESCAPE_NAP && escape_passthrough(c, &p, end))
601 continue;
602
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700603 if (!(is_append && in_dict) && isprint(c) &&
Andy Shevchenko7e5969a2021-06-30 18:55:11 -0700604 flags & ESCAPE_NP && escape_passthrough(c, &p, end))
605 continue;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700606
Andy Shevchenkoaec0d092021-06-30 18:55:20 -0700607 if (!(is_append && in_dict) && isascii(c) &&
Andy Shevchenkoa0809782021-06-30 18:55:14 -0700608 flags & ESCAPE_NA && escape_passthrough(c, &p, end))
609 continue;
610
Andy Shevchenko7e5969a2021-06-30 18:55:11 -0700611 if (flags & ESCAPE_SPACE && escape_space(c, &p, end))
612 continue;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700613
Andy Shevchenko7e5969a2021-06-30 18:55:11 -0700614 if (flags & ESCAPE_SPECIAL && escape_special(c, &p, end))
615 continue;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700616
Andy Shevchenko7e5969a2021-06-30 18:55:11 -0700617 if (flags & ESCAPE_NULL && escape_null(c, &p, end))
618 continue;
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700619
Andy Shevchenko7e5969a2021-06-30 18:55:11 -0700620 /* ESCAPE_OCTAL and ESCAPE_HEX always go last */
621 if (flags & ESCAPE_OCTAL && escape_octal(c, &p, end))
622 continue;
623
624 if (flags & ESCAPE_HEX && escape_hex(c, &p, end))
625 continue;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700626
Rasmus Villemoes3aeddc72015-04-15 16:17:25 -0700627 escape_passthrough(c, &p, end);
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700628 }
629
Rasmus Villemoes41416f22015-04-15 16:17:28 -0700630 return p - dst;
Andy Shevchenkoc8250382014-10-13 15:55:16 -0700631}
632EXPORT_SYMBOL(string_escape_mem);
Kees Cookb53f27e2016-04-20 15:46:23 -0700633
634/*
635 * Return an allocated string that has been escaped of special characters
636 * and double quotes, making it safe to log in quotes.
637 */
638char *kstrdup_quotable(const char *src, gfp_t gfp)
639{
640 size_t slen, dlen;
641 char *dst;
642 const int flags = ESCAPE_HEX;
643 const char esc[] = "\f\n\r\t\v\a\e\\\"";
644
645 if (!src)
646 return NULL;
647 slen = strlen(src);
648
649 dlen = string_escape_mem(src, slen, NULL, 0, flags, esc);
650 dst = kmalloc(dlen + 1, gfp);
651 if (!dst)
652 return NULL;
653
654 WARN_ON(string_escape_mem(src, slen, dst, dlen, flags, esc) != dlen);
655 dst[dlen] = '\0';
656
657 return dst;
658}
659EXPORT_SYMBOL_GPL(kstrdup_quotable);
Kees Cook0d044322016-04-20 15:46:24 -0700660
661/*
662 * Returns allocated NULL-terminated string containing process
663 * command line, with inter-argument NULLs replaced with spaces,
664 * and other special characters escaped.
665 */
666char *kstrdup_quotable_cmdline(struct task_struct *task, gfp_t gfp)
667{
668 char *buffer, *quoted;
669 int i, res;
670
Michal Hocko0ee931c2017-09-13 16:28:29 -0700671 buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
Kees Cook0d044322016-04-20 15:46:24 -0700672 if (!buffer)
673 return NULL;
674
675 res = get_cmdline(task, buffer, PAGE_SIZE - 1);
676 buffer[res] = '\0';
677
678 /* Collapse trailing NULLs, leave res pointing to last non-NULL. */
679 while (--res >= 0 && buffer[res] == '\0')
680 ;
681
682 /* Replace inter-argument NULLs. */
683 for (i = 0; i <= res; i++)
684 if (buffer[i] == '\0')
685 buffer[i] = ' ';
686
687 /* Make sure result is printable. */
688 quoted = kstrdup_quotable(buffer, gfp);
689 kfree(buffer);
690 return quoted;
691}
692EXPORT_SYMBOL_GPL(kstrdup_quotable_cmdline);
Kees Cook21985312016-04-20 15:46:25 -0700693
694/*
695 * Returns allocated NULL-terminated string containing pathname,
696 * with special characters escaped, able to be safely logged. If
697 * there is an error, the leading character will be "<".
698 */
699char *kstrdup_quotable_file(struct file *file, gfp_t gfp)
700{
701 char *temp, *pathname;
702
703 if (!file)
704 return kstrdup("<unknown>", gfp);
705
706 /* We add 11 spaces for ' (deleted)' to be appended */
Michal Hocko0ee931c2017-09-13 16:28:29 -0700707 temp = kmalloc(PATH_MAX + 11, GFP_KERNEL);
Kees Cook21985312016-04-20 15:46:25 -0700708 if (!temp)
709 return kstrdup("<no_memory>", gfp);
710
711 pathname = file_path(file, temp, PATH_MAX + 11);
712 if (IS_ERR(pathname))
713 pathname = kstrdup("<too_long>", gfp);
714 else
715 pathname = kstrdup_quotable(pathname, gfp);
716
717 kfree(temp);
718 return pathname;
719}
720EXPORT_SYMBOL_GPL(kstrdup_quotable_file);
Bartosz Golaszewski0fd16012020-09-29 12:09:55 +0200721
722/**
Andy Shevchenko418e0a32021-11-05 14:42:24 +0200723 * kasprintf_strarray - allocate and fill array of sequential strings
724 * @gfp: flags for the slab allocator
725 * @prefix: prefix to be used
726 * @n: amount of lines to be allocated and filled
727 *
728 * Allocates and fills @n strings using pattern "%s-%zu", where prefix
729 * is provided by caller. The caller is responsible to free them with
730 * kfree_strarray() after use.
731 *
732 * Returns array of strings or NULL when memory can't be allocated.
733 */
734char **kasprintf_strarray(gfp_t gfp, const char *prefix, size_t n)
735{
736 char **names;
737 size_t i;
738
739 names = kcalloc(n + 1, sizeof(char *), gfp);
740 if (!names)
741 return NULL;
742
743 for (i = 0; i < n; i++) {
744 names[i] = kasprintf(gfp, "%s-%zu", prefix, i);
745 if (!names[i]) {
746 kfree_strarray(names, i);
747 return NULL;
748 }
749 }
750
751 return names;
752}
753EXPORT_SYMBOL_GPL(kasprintf_strarray);
754
755/**
Bartosz Golaszewski0fd16012020-09-29 12:09:55 +0200756 * kfree_strarray - free a number of dynamically allocated strings contained
757 * in an array and the array itself
758 *
759 * @array: Dynamically allocated array of strings to free.
760 * @n: Number of strings (starting from the beginning of the array) to free.
761 *
762 * Passing a non-NULL @array and @n == 0 as well as NULL @array are valid
763 * use-cases. If @array is NULL, the function does nothing.
764 */
765void kfree_strarray(char **array, size_t n)
766{
767 unsigned int i;
768
769 if (!array)
770 return;
771
772 for (i = 0; i < n; i++)
773 kfree(array[i]);
774 kfree(array);
775}
776EXPORT_SYMBOL_GPL(kfree_strarray);
Kees Cookcfecea62021-06-18 10:57:38 -0700777
Andy Shevchenkoacdb89b2021-11-05 14:42:25 +0200778struct strarray {
779 char **array;
780 size_t n;
781};
782
783static void devm_kfree_strarray(struct device *dev, void *res)
784{
785 struct strarray *array = res;
786
787 kfree_strarray(array->array, array->n);
788}
789
790char **devm_kasprintf_strarray(struct device *dev, const char *prefix, size_t n)
791{
792 struct strarray *ptr;
793
794 ptr = devres_alloc(devm_kfree_strarray, sizeof(*ptr), GFP_KERNEL);
795 if (!ptr)
796 return ERR_PTR(-ENOMEM);
797
798 ptr->array = kasprintf_strarray(GFP_KERNEL, prefix, n);
799 if (!ptr->array) {
800 devres_free(ptr);
801 return ERR_PTR(-ENOMEM);
802 }
803
Puyou Lucd290a92022-05-12 20:38:36 -0700804 ptr->n = n;
805 devres_add(dev, ptr);
806
Andy Shevchenkoacdb89b2021-11-05 14:42:25 +0200807 return ptr->array;
808}
809EXPORT_SYMBOL_GPL(devm_kasprintf_strarray);
810
Kees Cookcfecea62021-06-18 10:57:38 -0700811/**
812 * strscpy_pad() - Copy a C-string into a sized buffer
813 * @dest: Where to copy the string to
814 * @src: Where to copy the string from
815 * @count: Size of destination buffer
816 *
817 * Copy the string, or as much of it as fits, into the dest buffer. The
818 * behavior is undefined if the string buffers overlap. The destination
819 * buffer is always %NUL terminated, unless it's zero-sized.
820 *
821 * If the source string is shorter than the destination buffer, zeros
822 * the tail of the destination buffer.
823 *
824 * For full explanation of why you may want to consider using the
825 * 'strscpy' functions please see the function docstring for strscpy().
826 *
827 * Returns:
828 * * The number of characters copied (not including the trailing %NUL)
829 * * -E2BIG if count is 0 or @src was truncated.
830 */
831ssize_t strscpy_pad(char *dest, const char *src, size_t count)
832{
833 ssize_t written;
834
835 written = strscpy(dest, src, count);
836 if (written < 0 || written == count - 1)
837 return written;
838
839 memset(dest + written + 1, 0, count - written - 1);
840
841 return written;
842}
843EXPORT_SYMBOL(strscpy_pad);
844
845/**
846 * skip_spaces - Removes leading whitespace from @str.
847 * @str: The string to be stripped.
848 *
849 * Returns a pointer to the first non-whitespace character in @str.
850 */
851char *skip_spaces(const char *str)
852{
853 while (isspace(*str))
854 ++str;
855 return (char *)str;
856}
857EXPORT_SYMBOL(skip_spaces);
858
859/**
860 * strim - Removes leading and trailing whitespace from @s.
861 * @s: The string to be stripped.
862 *
863 * Note that the first trailing whitespace is replaced with a %NUL-terminator
864 * in the given string @s. Returns a pointer to the first non-whitespace
865 * character in @s.
866 */
867char *strim(char *s)
868{
869 size_t size;
870 char *end;
871
872 size = strlen(s);
873 if (!size)
874 return s;
875
876 end = s + size - 1;
877 while (end >= s && isspace(*end))
878 end--;
879 *(end + 1) = '\0';
880
881 return skip_spaces(s);
882}
883EXPORT_SYMBOL(strim);
884
885/**
886 * sysfs_streq - return true if strings are equal, modulo trailing newline
887 * @s1: one string
888 * @s2: another string
889 *
890 * This routine returns true iff two strings are equal, treating both
891 * NUL and newline-then-NUL as equivalent string terminations. It's
892 * geared for use with sysfs input strings, which generally terminate
893 * with newlines but are compared against values without newlines.
894 */
895bool sysfs_streq(const char *s1, const char *s2)
896{
897 while (*s1 && *s1 == *s2) {
898 s1++;
899 s2++;
900 }
901
902 if (*s1 == *s2)
903 return true;
904 if (!*s1 && *s2 == '\n' && !s2[1])
905 return true;
906 if (*s1 == '\n' && !s1[1] && !*s2)
907 return true;
908 return false;
909}
910EXPORT_SYMBOL(sysfs_streq);
911
912/**
913 * match_string - matches given string in an array
914 * @array: array of strings
915 * @n: number of strings in the array or -1 for NULL terminated arrays
916 * @string: string to match with
917 *
918 * This routine will look for a string in an array of strings up to the
919 * n-th element in the array or until the first NULL element.
920 *
921 * Historically the value of -1 for @n, was used to search in arrays that
922 * are NULL terminated. However, the function does not make a distinction
923 * when finishing the search: either @n elements have been compared OR
924 * the first NULL element was found.
925 *
926 * Return:
927 * index of a @string in the @array if matches, or %-EINVAL otherwise.
928 */
929int match_string(const char * const *array, size_t n, const char *string)
930{
931 int index;
932 const char *item;
933
934 for (index = 0; index < n; index++) {
935 item = array[index];
936 if (!item)
937 break;
938 if (!strcmp(item, string))
939 return index;
940 }
941
942 return -EINVAL;
943}
944EXPORT_SYMBOL(match_string);
945
946/**
947 * __sysfs_match_string - matches given string in an array
948 * @array: array of strings
949 * @n: number of strings in the array or -1 for NULL terminated arrays
950 * @str: string to match with
951 *
952 * Returns index of @str in the @array or -EINVAL, just like match_string().
953 * Uses sysfs_streq instead of strcmp for matching.
954 *
955 * This routine will look for a string in an array of strings up to the
956 * n-th element in the array or until the first NULL element.
957 *
958 * Historically the value of -1 for @n, was used to search in arrays that
959 * are NULL terminated. However, the function does not make a distinction
960 * when finishing the search: either @n elements have been compared OR
961 * the first NULL element was found.
962 */
963int __sysfs_match_string(const char * const *array, size_t n, const char *str)
964{
965 const char *item;
966 int index;
967
968 for (index = 0; index < n; index++) {
969 item = array[index];
970 if (!item)
971 break;
972 if (sysfs_streq(item, str))
973 return index;
974 }
975
976 return -EINVAL;
977}
978EXPORT_SYMBOL(__sysfs_match_string);
979
980/**
981 * strreplace - Replace all occurrences of character in string.
982 * @s: The string to operate on.
983 * @old: The character being replaced.
984 * @new: The character @old is replaced with.
985 *
986 * Returns pointer to the nul byte at the end of @s.
987 */
988char *strreplace(char *s, char old, char new)
989{
990 for (; *s; ++s)
991 if (*s == old)
992 *s = new;
993 return s;
994}
995EXPORT_SYMBOL(strreplace);
996
Guenter Roeck5c4e0a22021-11-02 07:24:20 -0700997/**
998 * memcpy_and_pad - Copy one buffer to another with padding
999 * @dest: Where to copy to
1000 * @dest_len: The destination buffer size
1001 * @src: Where to copy from
1002 * @count: The number of bytes to copy
1003 * @pad: Character to use for padding if space is left in destination.
1004 */
1005void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count,
1006 int pad)
1007{
1008 if (dest_len > count) {
1009 memcpy(dest, src, count);
1010 memset(dest + count, pad, dest_len - count);
1011 } else {
1012 memcpy(dest, src, dest_len);
1013 }
1014}
1015EXPORT_SYMBOL(memcpy_and_pad);
1016
Kees Cookc430f602021-04-14 15:45:39 -07001017#ifdef CONFIG_FORTIFY_SOURCE
Kees Cookf68f2ff2021-04-20 23:22:52 -07001018/* These are placeholders for fortify compile-time warnings. */
1019void __read_overflow2_field(size_t avail, size_t wanted) { }
1020EXPORT_SYMBOL(__read_overflow2_field);
1021void __write_overflow_field(size_t avail, size_t wanted) { }
1022EXPORT_SYMBOL(__write_overflow_field);
1023
Kees Cookcfecea62021-06-18 10:57:38 -07001024void fortify_panic(const char *name)
1025{
1026 pr_emerg("detected buffer overflow in %s\n", name);
1027 BUG();
1028}
1029EXPORT_SYMBOL(fortify_panic);
Kees Cookc430f602021-04-14 15:45:39 -07001030#endif /* CONFIG_FORTIFY_SOURCE */