On 3/21/06, Gaurav Dhiman <gauravd.chd@xxxxxxxxx> wrote: > On 3/21/06, Fawad Lateef <fawadlateef@xxxxxxxxx> wrote: > > > > What you can do is: > > > > 1) From user application read the file and provide the data to driver > > through sysfs, this is secure (I think its fast too) > > 2) Directly call the file system functions to access the file (I think > > its difficult) > > 3) Directly call the user space file accessing functions through doing > > system-calls from kernel (its the worst thing to do) > > Can you explain, why the 3rd point is not recommended. whats the harm > in doing that, why we say it to be a worst thing to do. I only reason > I can find for that is, just because we are using the user > applications unused fd for opening our file without letting the user > application know about it. Whenever we opena file in kernel, using > sys_open() systemcall, we would be using the unused fd of an > application in context of which the driver is executing, and the > application wont come to know about it. Is there any harm in doing so, > if yes, please explain. > Hello Gaurav, I don't think that sys_open can be called from kernel rather accessing a file in kernel can be done through filp_open/close, struct file *file->f_op->read/write etc and for doing this have to use get_ds/set_fs thing (making get_fs() == KERNEL_DS) which actually bypasses arguments validity (see http://sosdg.org/~coywolf/lxr/source/include/asm-i386/uaccess.h#L18). And I think this is creating a security risk as file is accessing without checking and wrong content in file can do things bad. This is my understanding which might be completely wrong :) So, CMIIW -- Fawad Lateef -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
