Re: How does __user works?

On Sat, 19 Jan 2013 17:34:15 +0100, Grzegorz Dwornicki said:

> I could write these macro defs too but my real problem is: what does this
> stuff do? Some functions use this macro and others do not. For example
> compat_do_execve (from include/linux/comtap.h) uses a normal pointer named
> filename and a second pointer named argv as a __user pointer. Why does argv
> need __user but filename not?

Hint:  Look to see what memory the actual argv[] lives in, and then see what
memory the filename lives in.  In general, syscalls like to make a *copy*
of parameters that need security validation, and then validate and use
the copy.  This is to prevent a "time-of-check-time-of-use" (TOCTOU) security
issue - otherwise, it would be possible for some nefarious person to issue
a syscall pointing at a filename in shared memory, wait till just after the
security check was done, and then replace the filename with something else
more dastardly (it's a variant on the concept of symlink races).  So that
'filename' probably lives in a kmalloc buffer someplace.  The argv[] however
is actually in a user page.

That help?
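
The copy-then-validate pattern described in the reply above, as an added example that is not part of the original post and is not kernel code: a user-space C simulation in which a hook stands in for the concurrent writer. The names path_allowed, swap_name, open_in_place and open_with_copy, the /tmp/ policy and the sample paths are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 64

/* Hypothetical policy check: only paths under /tmp/ are allowed. */
static int path_allowed(const char *p) { return strncmp(p, "/tmp/", 5) == 0; }

/* Stands in for another thread that can write the shared buffer (constructed). */
typedef void (*race_hook)(char *shared);
static void swap_name(char *shared) { strcpy(shared, "/etc/secret"); }

/* Racy: the check and the use each read the caller-controlled buffer. */
static int open_in_place(char *user_buf, race_hook hook, char *opened, size_t n)
{
    if (!path_allowed(user_buf)) return -1;   /* time of check */
    if (hook) hook(user_buf);                 /* window between check and use */
    snprintf(opened, n, "%s", user_buf);      /* time of use: second fetch */
    return 0;
}

/* Copy once (the kernel uses strncpy_from_user() for this), then touch only the copy. */
static int open_with_copy(char *user_buf, race_hook hook, char *opened, size_t n)
{
    char kbuf[NAME_MAX_LEN]; size_t i;
    for (i = 0; i < sizeof(kbuf); i++) {
        kbuf[i] = user_buf[i];                /* each byte is fetched exactly once */
        if (kbuf[i] == '\0') break;
    }
    if (i == sizeof(kbuf)) return -2;         /* too long or unterminated */
    if (!path_allowed(kbuf)) return -1;       /* validate the private copy */
    if (hook) hook(user_buf);                 /* later writes cannot reach kbuf */
    snprintf(opened, n, "%s", kbuf);          /* use the same bytes that were checked */
    return 0;
}

int main(void)
{
    char shared[NAME_MAX_LEN], opened[NAME_MAX_LEN];
    strcpy(shared, "/tmp/report.txt");
    open_in_place(shared, swap_name, opened, sizeof(opened));
    printf("in place:  %s\n", opened);
    strcpy(shared, "/tmp/report.txt");
    open_with_copy(shared, swap_name, opened, sizeof(opened));
    printf("with copy: %s\n", opened);
    return 0;
}
```

In the kernel, the __user annotation marks the pointers that still refer to memory the caller can change, so sparse can flag any direct dereference that skips the copy step.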


_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
