DragonFly kernel List (threaded) for 2007-07
Re: link(2) and EFAULT
[TOFU fixed]
Jonas Trollvik wrote:
> On 7/27/07, Michael Galassi <nerd@xyz.com> wrote:
>> A few hours ago I wrote:
>>> copyin() is called by the system call code and returns
>>> EFAULT after validating the address, before actually
>>> touching it.
>>
>> This is the traditional way of doing things but is clearly expensive
>> as validating a user address takes forever and a bit. Do we blindly
>> use whatever address is passed in and then add checking to the page
>> fault code to figure out if we should just return EFAULT? This would
>> be a blatant example of optimizing the common case at small cost for
>> the error case which most people probably don't care about.
>
> The kernel needs to validate that the pointers it gets from userland
> are valid, otherwise this could lead to an exploit/panic among other
> things.

The kernel actually does what Michael suggests: It sets a custom fault handler and just copies away. See /sys/platform/pc32/i386/support.s
cheers
simon
--
Serve - BSD +++ RENT this banner advert +++ ASCII Ribbon /"\
Work - Mac +++ space for low €€€ NOW!1 +++ Campaign \ /
Party Enjoy Relax | http://dragonflybsd.org Against HTML \
Dude 2c 2 the max ! http://golden-apple.biz Mail + News / \
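The mechanism Simon describes (no up-front walk of the user address, just a fault handler armed around the copy) can be modelled in user space. The program below is an added example, not code from this thread or from DragonFly's support.s: it stands in for the kernel's per-thread on-fault hook with a SIGSEGV/SIGBUS handler plus sigsetjmp/siglongjmp, copies optimistically, and reports EFAULT only for faults that happen inside the guarded copy. A page mapped PROT_NONE is used as a constructed stand-in for an unmapped user address; the function names and sample bytes are this example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Added illustration (not DragonFly code): model "arm a fault handler,
 * then copy without pre-validating the address" in user space. */

static sigjmp_buf fault_env;                        /* where a fault unwinds to */
static volatile sig_atomic_t copy_in_progress = 0;  /* analogue of the on-fault hook being set */

static void fault_handler(int sig)
{
    if (copy_in_progress)
        siglongjmp(fault_env, 1);   /* fault inside the guarded copy: becomes EFAULT */

    /* A fault anywhere else is a real bug. Restore the default action and
     * re-raise so it still crashes instead of being silently swallowed. */
    signal(sig, SIG_DFL);
    raise(sig);
}

static void install_fault_handler(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = fault_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;       /* handler may be entered again after the longjmp */
    sigaction(SIGSEGV, &sa, NULL);
    sigaction(SIGBUS, &sa, NULL);   /* some platforms report bad accesses as SIGBUS */
}

/* Copy n bytes from src to dst without validating src first.
 * Returns 0 on success, EFAULT if any source byte faulted. */
int optimistic_copyin(void *dst, const void *src, size_t n)
{
    volatile unsigned char *d = dst;
    const volatile unsigned char *s = src;

    if (sigsetjmp(fault_env, 1) != 0) {
        copy_in_progress = 0;       /* we arrived here from fault_handler */
        return EFAULT;
    }
    copy_in_progress = 1;
    for (size_t i = 0; i < n; i++)
        d[i] = s[i];
    copy_in_progress = 0;
    return 0;
}

static const char sample[] = "constructed sample input";   /* constructed test data */

/* Common case: a readable source copies cleanly.
 * Returns 0 when the copy succeeds and the bytes match, -1 otherwise. */
int demo_good_copy(void)
{
    char buf[sizeof sample];
    install_fault_handler();
    if (optimistic_copyin(buf, sample, sizeof sample) != 0)
        return -1;
    return memcmp(buf, sample, sizeof sample) == 0 ? 0 : -1;
}

/* Error case: the source is a PROT_NONE page, the user-space stand-in for an
 * unmapped user address. Returns the copy's return code (EFAULT expected). */
int demo_bad_copy(void)
{
    char buf[64];
    long pagesz = sysconf(_SC_PAGESIZE);
    void *bad = mmap(NULL, (size_t)pagesz, PROT_NONE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    int rc;

    if (bad == MAP_FAILED)
        return -1;
    install_fault_handler();
    rc = optimistic_copyin(buf, bad, sizeof buf);
    munmap(bad, (size_t)pagesz);
    return rc;
}

int main(void)
{
    printf("good copy: %d (0 expected)\n", demo_good_copy());
    printf("bad copy:  %d (EFAULT=%d expected)\n", demo_bad_copy(), EFAULT);
    return 0;
}
```

Two details carry the security argument. First, the handler only converts faults that occur while the copy is armed; any other fault still takes the default (fatal) path, so a genuine kernel bug is not masked as a harmless EFAULT. Second, a real kernel still needs a cheap range check that the source lies within user space before copying, because a pointer into kernel memory would not fault at all; the fault handler replaces the expensive per-page validation, not that bounds check.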