Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
As per the linux design on x86 and ppc, the 4g virtual address space is divided into 3:1.
User virtual address’s are till 3g.
Now if user app does an ioctl passing a pointer to buffer, the kernel module, can directly do a memcpy, I tried and it worked.
=> Why do we then need a copy_to/copy_from user.
Note: If the page is swapped out, then the kernel pagefault handler would bring that back, and it is invisible to kernel module.
need yr ideas … comments
There are several good reasons that
copy_to_user/copy_from_userare the correct functions to use:On some architectures a simple
memcpy()does not work, so using those functions allows your code to work there. I believe even x86 with theHIGHMEMconfig option selected is in this boat.Those functions do an
access_ok()check to ensure that the user space addresses referenced really are genuine user space addresses. If you just do amemcpy(), the caller of theioctl()can supply an address range that overlaps kernel addresses, which is a security hole.However, the major reason is to properly handle bad user addresses. If you just use a bare
memcpy(), the unhandled fault will result in a kernel oops. The user access functions use the “fixup” mechanism, which allows the fault to be handled (the read or write is short, and usuallyEFAULTis returned to userspace in this case).