To: linux-kernel@vger.kernel.org
Path: not-for-mail
From: daw@taverner.cs.berkeley.edu (David Wagner)
Newsgroups: isaac.lists.linux-kernel
Subject: Re: Why system call need to copy the date from the userspace before 
 using it
Date: Sat, 16 Apr 2005 23:46:39 +0000 (UTC)
Organization: University of California, Berkeley
Distribution: isaac
Message-ID: <d3s84v$j64$2@abraham.cs.berkeley.edu>
References: <Pine.LNX.4.61.0504131507280.21367@chaos.analogic.com> <200504160450.j3G4oqC9029496@hacksaw.org>
Reply-To: daw-usenet@taverner.cs.berkeley.edu (David Wagner)
NNTP-Posting-Host: taverner.cs.berkeley.edu
NNTP-Posting-Date: Sat, 16 Apr 2005 23:46:39 +0000 (UTC)
Originator: daw@taverner.cs.berkeley.edu (David Wagner)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1240
Lines: 21

Hacksaw  wrote:
>What I would expect the kernel to do is this:
>
>system_call_data_prep (userdata, size){	 [...]
>      for each page from userdata to userdata+size
>      {
> 	if the page is swapped out, swap it in
>	if the page is not owned by the user process, return -ENOWAYMAN
>	otherwise, lock the page
>      }   [...]

One challenge that might make this issue a little tricky is that
you have to handle double-indirection, where the kernel copies in
a buffer that includes a pointer to some other buffer that you then
have to copy in.  I think this comes up in some of the ioctl() calls.
Because only the guts of the ioctl() implementation knows the format of
the data structure, only it knows what system_call_data_prep() calls
would be needed.  So, everywhere that currently does copy_from_user()
would have to do system_call_data_prep().  (It wouldn't be sufficient
to call system_call_data_prep() once in some standardized way at the
start of each system call, and leave it at that.)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/