2001-07-26 15:37:45

by Cress, Andrew R

Subject: Validating Pointers


Is there a general (correct) kernel subroutine to validate a pointer
received in a routine as input from the outside world? Is access_ok() a
good one to use?

Andy



2001-07-26 15:46:45

by Arnaldo Carvalho de Melo

Subject: Re: Validating Pointers

On Thu, Jul 26, 2001 at 08:36:49AM -0700, Cress, Andrew R wrote:
>
> Is there a general (correct) kernel subroutine to validate a pointer
> received in a routine as input from the outside world? Is access_ok() a
> good one to use?

Normally one uses get_user & friends and copy_from_user and friends,
checking their return and returning -EFAULT if they fail.

2001-07-26 15:51:55

by Alan

Subject: Re: Validating Pointers

> Is there a general (correct) kernel subroutine to validate a pointer
> received in a routine as input from the outside world? Is access_ok() a
> good one to use?

access_ok may do minimal checks, or no checking at all. The only point at
which you can validate a user pointer is when you use copy*user and
get/put_user to access the data.
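
Added example, not part of the original thread: a userspace C model (not kernel code) of the distinction drawn in the reply above, where a range check passes on a pointer that the copy routine later rejects when it actually touches the memory. The names `model_access_ok`, `model_copy_from_user`, `model_handler` and the four-page layout are hypothetical and constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model, not kernel code: a tiny "user address space" of four
 * 16-byte pages in which page 2 is unmapped. */
#define PAGE_SZ    16u
#define USER_LIMIT (4u * PAGE_SZ)   /* stands in for the user/kernel boundary */

static unsigned char user_mem[USER_LIMIT];
static const int page_mapped[4] = { 1, 1, 0, 1 };

/* Range check only (hypothetical stand-in for access_ok): it says the range
 * lies below the limit, nothing about whether the pages are mapped. */
static int model_access_ok(size_t uaddr, size_t len)
{
    return len <= USER_LIMIT && uaddr <= USER_LIMIT - len;
}

/* Stand-in for copy_from_user: returns the number of bytes NOT copied,
 * so 0 means success. The "fault" is discovered during the access itself. */
static size_t model_copy_from_user(unsigned char *dst, size_t uaddr, size_t len)
{
    size_t i;

    if (!model_access_ok(uaddr, len))
        return len;
    for (i = 0; i < len; i++) {
        if (!page_mapped[(uaddr + i) / PAGE_SZ])
            break;                  /* simulated page fault */
        dst[i] = user_mem[uaddr + i];
    }
    return len - i;
}

/* The pattern from the thread: check the copy's return, fail with -EFAULT. */
static int model_handler(size_t uaddr, size_t len, unsigned char *out)
{
    return model_copy_from_user(out, uaddr, len) ? -EFAULT : 0;
}

int main(void)
{
    unsigned char buf[16];

    printf("access_ok=%d handler=%d\n",
           model_access_ok(24, 16), model_handler(24, 16, buf));
    return 0;
}
```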

2001-07-26 17:10:11

by Tim Pepper

Subject: Re: Validating Pointers

On Thu 26 Jul at 16:52:48 +0100 [email protected] done said:
> access_ok may do minimal checks, or no checking at all. The only point at
> which you can validate a user pointer is when you use copy*user and
> get/put_user to access the data.

Should the i386 access_ok() fail when checking a copy to/from userspace
from/to a static in a driver module? The __copy_to|from_user work fine
and copy_to|from_user fail, but I guess that doesn't mean access_ok()
is the culprit. I don't know intel assembly and the platforms for
which I do get the assembly don't do much in access_ok() so there's no
comparing...but I'd have thought they'd be more concerned with the user
address location than the kernel one.

t.

2001-07-26 17:13:01

by Alan

Subject: Re: Validating Pointers

> Should the i386 access_ok() fail when checking a copy to/from userspace
> from/to a static in a driver module? The __copy_to|from_user work fine
> and copy_to|from_user fail, but I guess that doesn't mean access_ok()
> is the culprit. I don't know intel assembly and the platforms for
> which I do get the assembly don't do much in access_ok() so there's no
> comparing...but I'd have thought they'd be more concerned with the user
> address location than the kernel one.

You can't pass kernel addresses as if they were userspace. It might happen to
sometimes work on some architectures. Take a look at the set_fs() stuff.

2001-07-27 03:19:23

by Tim Pepper

Subject: Re: Validating Pointers

On Thu 26 Jul at 18:12:57 +0100 [email protected] done said:
>
> You can't pass kernel addresses as if they were userspace. It might happen to
> sometimes work on some architectures. Take a look at the set_fs() stuff.

Am I? I thought I was doing a pretty plain user<->kernel copy:

copy_to_user(user_addr, kernel_addr, size);
and
copy_from_user(kernel_addr, user_addr, size);

Are you saying that static and dynamically allocated kernel variables end up
in different segments (kernel_ds and user_ds) and the copy is only expected to
succeed if the to and from addresses are in the same segment?

Tim

2001-07-27 09:46:50

by Alan

Subject: Re: Validating Pointers

> copy_to_user(user_addr, kernel_addr, size);
> and
> copy_from_user(kernel_addr, user_addr, size);
>
> Are you saying that static and dynamically allocated kernel variables end up
> in different segments (kernel_ds and user_ds) and the copy is only expected to
> succeed if the to and from addresses are in the same segment?

User and kernel address spaces are separate. On S/390 and M68K for example
they occupy the same values for both. Long long ago this was done via
segments on x86 (we don't use segments now) and thus the functions to do
what you want are still called set_fs/get_fs/get_ds.