
Commit cc7acad1 authored by David S. Miller's avatar David S. Miller

Merge branch 'bpf_trace_printk-percent-s'



Alexei Starovoitov says:

====================
support for '%s' in bpf_trace_printk

v2->v3:
fix the comment to mention that strncpy_from_unsafe() returns
the length of the string including the trailing NUL.

v1->v2:
patch 1: generalize FETCH_FUNC_NAME(memory, string) into
strncpy_from_unsafe()
patch 2: use it in bpf_trace_printk
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
parents c9fd56b3 8d3b7dce
+2 −0
@@ -129,4 +129,6 @@ extern long __probe_kernel_read(void *dst, const void *src, size_t size);
extern long notrace probe_kernel_write(void *dst, const void *src, size_t size);
extern long notrace __probe_kernel_write(void *dst, const void *src, size_t size);

extern long strncpy_from_unsafe(char *dst, const void *unsafe_addr, long count);

#endif		/* __LINUX_UACCESS_H__ */
+30 −2
@@ -81,13 +81,16 @@ static const struct bpf_func_proto bpf_probe_read_proto = {

/*
 * limited trace_printk()
 * only %d %u %x %ld %lu %lx %lld %llu %llx %p conversion specifiers allowed
 * only %d %u %x %ld %lu %lx %lld %llu %llx %p %s conversion specifiers allowed
 */
static u64 bpf_trace_printk(u64 r1, u64 fmt_size, u64 r3, u64 r4, u64 r5)
{
	char *fmt = (char *) (long) r1;
	bool str_seen = false;
	int mod[3] = {};
	int fmt_cnt = 0;
	u64 unsafe_addr;
	char buf[64];
	int i;

	/*
@@ -114,12 +117,37 @@ static u64 bpf_trace_printk(u64 r1, u64 fmt_size, u64 r3, u64 r4, u64 r5)
		if (fmt[i] == 'l') {
			mod[fmt_cnt]++;
			i++;
		} else if (fmt[i] == 'p') {
		} else if (fmt[i] == 'p' || fmt[i] == 's') {
			mod[fmt_cnt]++;
			i++;
			if (!isspace(fmt[i]) && !ispunct(fmt[i]) && fmt[i] != 0)
				return -EINVAL;
			fmt_cnt++;
			if (fmt[i - 1] == 's') {
				if (str_seen)
					/* allow only one '%s' per fmt string */
					return -EINVAL;
				str_seen = true;

				switch (fmt_cnt) {
				case 1:
					unsafe_addr = r3;
					r3 = (long) buf;
					break;
				case 2:
					unsafe_addr = r4;
					r4 = (long) buf;
					break;
				case 3:
					unsafe_addr = r5;
					r5 = (long) buf;
					break;
				}
				buf[0] = 0;
				strncpy_from_unsafe(buf,
						    (void *) (long) unsafe_addr,
						    sizeof(buf));
			}
			continue;
		}
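Review bot: The result of `strncpy_from_unsafe()` is discarded in the `%s` branch, so a faulting address prints as an empty or partial string and anything longer than `sizeof(buf)` is silently cut to 63 bytes, with nothing in the trace output to tell these cases apart from a genuine short string. If that is the intended contract, state it in the header comment, e.g. `* %s copies at most 63 bytes from the given address; a fault yields an empty or partial string`. The `switch (fmt_cnt)` also has no `default`, so `unsafe_addr` is only assigned when the count is 1..3; the bound that guarantees this lies outside the visible hunks (the body of bpf_trace_printk starts and ends outside them), and a `default: return -EINVAL;` would make the invariant local and keep an uninitialised address from ever reaching the copy.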

+4 −16
@@ -165,11 +165,9 @@ DEFINE_BASIC_FETCH_FUNCS(memory)
static void FETCH_FUNC_NAME(memory, string)(struct pt_regs *regs,
					    void *addr, void *dest)
{
	long ret;
	int maxlen = get_rloc_len(*(u32 *)dest);
	u8 *dst = get_rloc_data(dest);
	u8 *src = addr;
	mm_segment_t old_fs = get_fs();
	long ret;

	if (!maxlen)
		return;
@@ -178,23 +176,13 @@ static void FETCH_FUNC_NAME(memory, string)(struct pt_regs *regs,
	 * Try to get string again, since the string can be changed while
	 * probing.
	 */
	set_fs(KERNEL_DS);
	pagefault_disable();

	do
		ret = __copy_from_user_inatomic(dst++, src++, 1);
	while (dst[-1] && ret == 0 && src - (u8 *)addr < maxlen);

	dst[-1] = '\0';
	pagefault_enable();
	set_fs(old_fs);
	ret = strncpy_from_unsafe(dst, addr, maxlen);

	if (ret < 0) {	/* Failed to fetch string */
		((u8 *)get_rloc_data(dest))[0] = '\0';
		dst[0] = '\0';
		*(u32 *)dest = make_data_rloc(0, get_rloc_offs(*(u32 *)dest));
	} else {
		*(u32 *)dest = make_data_rloc(src - (u8 *)addr,
					      get_rloc_offs(*(u32 *)dest));
		*(u32 *)dest = make_data_rloc(ret, get_rloc_offs(*(u32 *)dest));
	}
}
NOKPROBE_SYMBOL(FETCH_FUNC_NAME(memory, string));
+41 −0
@@ -112,3 +112,44 @@ long strncpy_from_user(char *dst, const char __user *src, long count)
	return -EFAULT;
}
EXPORT_SYMBOL(strncpy_from_user);

/**
 * strncpy_from_unsafe: - Copy a NUL terminated string from unsafe address.
 * @dst:   Destination address, in kernel space.  This buffer must be at
 *         least @count bytes long.
 * @src:   Unsafe address.
 * @count: Maximum number of bytes to copy, including the trailing NUL.
 *
 * Copies a NUL-terminated string from unsafe address to kernel buffer.
 *
 * On success, returns the length of the string INCLUDING the trailing NUL.
 *
 * If access fails, returns -EFAULT (some data may have been copied
 * and the trailing NUL added).
 *
 * If @count is smaller than the length of the string, copies @count-1 bytes,
 * sets the last byte of @dst buffer to NUL and returns @count.
 */
long strncpy_from_unsafe(char *dst, const void *unsafe_addr, long count)
{
	mm_segment_t old_fs = get_fs();
	const void *src = unsafe_addr;
	long ret;

	if (unlikely(count <= 0))
		return 0;

	set_fs(KERNEL_DS);
	pagefault_disable();

	do {
		ret = __copy_from_user_inatomic(dst++,
						(const void __user __force *)src++, 1);
	} while (dst[-1] && ret == 0 && src - unsafe_addr < count);

	dst[-1] = '\0';
	pagefault_enable();
	set_fs(old_fs);

	return ret < 0 ? ret : src - unsafe_addr;
}
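Review bot: The final `return ret < 0 ? ret : src - unsafe_addr;` cannot produce the -EFAULT that the kernel-doc above promises, because `__copy_from_user_inatomic()` reports the number of bytes it could not copy (0, or 1 for this one-byte copy) rather than a negative errno. After a fault the function therefore returns a positive length, and callers that test for failure, such as the `if (ret < 0)` branch in FETCH_FUNC_NAME(memory, string) in this same commit, record a partially copied string as a success. Change the line to `return ret ? -EFAULT : src - unsafe_addr;`. The kernel-doc should also say that @dst is left untouched when @count <= 0, since that path returns 0 without writing a NUL.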