ioctl, copy string from user
Gary Jennejohn
gljennjohn at googlemail.com
Fri Apr 30 08:52:39 UTC 2010
On Thu, 29 Apr 2010 23:23:28 +0200 (CEST)
"Lukas Czerner" <czerner.lukas at gmail.com> wrote:
> On Thu, 29 Apr 2010, Ryan Stone wrote:
>
> > Date: Thu, 29 Apr 2010 17:19:41 -0400
> > From: Ryan Stone <rysto32 at gmail.com>
> > To: Lukas Czerner <czerner.lukas at gmail.com>
> > Cc: freebsd-hackers at freebsd.org
> > Subject: Re: ioctl, copy string from user
> >
> > > Apparently I need to tell ioctl how big is the variable I am
> > > providing to it ([MAXLEN]). The odd thing is, when I have a structure
> > > like this:
> > >
> > > struct lrfs_attach_info {
> > > char *name;
> > > int priority;
> > > };
> > >
> > > and I pass the pointer to that structure to the ioctl, it just
> > > works. I can even use the 'name' string from the structure without
> > > any problems, apparently it translates the pointer properly, but I
> > > did not expect this...
> >
> > I think that you'll find that what actually happens is that you're
> > reading from the userspace pointer. That will work as long as the
> > pointer is mapped, but you'll panic if what it points to gets swapped
> > out or is invalid.
> >
>
> Hmmm, I can prevent the pointer to be invalidated, but I doubt I can
> prevent to the pointer to been swapped out. Is there some better way
> ? Allocate it statically (char name[MAXLEN]), then it gets copied
> as whole to the kernel space, isn't it ?
Look at the definition of _IOW() in /sys/sys/ioccom.h. It should become
obvious what's going on.
--
Gary Jennejohn
More information about the freebsd-hackers
mailing list