
How does the Linux kernel determine whether the address is in user space?

2025-01-19 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

This article explains how the Linux kernel determines whether an address is in user space. Many people have questions about this in day-to-day work, so the editor consulted various materials and put together a simple, practical explanation. Hopefully it answers the question; follow along below.

I. Description of the problem

What is the principle behind the access_ok function?

II. Problem analysis

When copying data between kernel space and user space, we must check whether the user space address is valid. This check is mainly done with the access_ok macro.

1. Linux user space and kernel address space

The Linux operating system and drivers run in kernel space, and applications run in user space. The two cannot simply pass data through pointers: because Linux uses virtual memory, user space data may be swapped out, so when the kernel uses a user space pointer the corresponding data may not be in memory.

Usually, the 32-bit Linux address space is divided into user space (0~3G) and kernel space (3G~4G). Note that this is the 32-bit split; the 64-bit kernel divides the address space differently.

Process addressing space: 0~4G

A process can only access 0~3G in user mode, and can access 3G~4G only after entering kernel mode.

A process enters kernel mode through a system call.

The 3G~4G portion of every process's virtual address space is the same.

A process moving from user mode to kernel mode does not cause a change in CR3, but it does cause a change of stack.

2. Detailed explanation of access_ok

Prototype:

    access_ok(type, addr, size)

Features:

access_ok - check whether a user space pointer is valid. Note that, depending on the architecture, this function may only check that the pointer is within the user space range; memory access functions may still return -EFAULT after calling this function.

Parameter description:

type: type of access, VERIFY_READ or VERIFY_WRITE. Note that VERIFY_WRITE is a superset of VERIFY_READ: if it is safe to write to a block, it is always safe to read from it.

addr: user space pointer to the start of the block to check.

size: size of the block to check.

Return value:

This function checks whether a block of memory is available in user space. Returns true (non-zero value) if available, or false (0) otherwise.

2. Source code analysis

    #define access_ok(type, addr, size)    (__range_ok(addr, size) == 0)

    /* We use 33-bit arithmetic here... */
    #define __range_ok(addr, size) ({ \
        unsigned long flag, roksum; \
        __chk_user_ptr(addr); \
        __asm__("adds %1, %2, %3; sbcccs %1, %1, %0; movcc %0, #0" \
            : "=&r" (flag), "=&r" (roksum) \
            : "r" (addr), "Ir" (size), "0" (current_thread_info()->addr_limit) \
            : "cc"); \
        flag; })

    static inline void __chk_user_ptr(const volatile void *p, size_t size)
    {
        assert(p >= __user_addr_min && p + size …

… addr_limit (non-0), and return. If there is no carry (C = 0), execute the following instruction:

    sbcccs %1, %1, %0

This instruction is equivalent to

    roksum = roksum - flag - 1

That is, (addr + size) - (current_thread_info()->addr_limit) - 1. The operation affects the flag bits.

If (addr + size) >= (current_thread_info()->addr_limit) - 1, then C = 1.

If (addr + size) < (current_thread_info()->addr_limit) - 1, then C = 0.

When C = 0 the following instruction is executed; otherwise it is skipped (flag is non-zero).

    movcc %0, #0

Equivalent to

    flag = 0

that is, flag is assigned the value 0.

To sum up, the __range_ok macro is equivalent to:

If (addr + size) >= (current_thread_info()->addr_limit) - 1, return a non-zero value.

If (addr + size) < (current_thread_info()->addr_limit), return zero.

access_ok verifies whether the user space address range to be operated on lies within the user address space limit of the current process. The macro's function is very simple and could be implemented in C rather than assembler; because these two functions are used so frequently, parts are implemented in assembler for efficiency.
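The three-instruction sequence analysed above, modelled step by step in portable C using ARM's carry semantics for sbc, next to an overflow-safe plain C check and a naive 32-bit check (an added example, not kernel code or code from the original article). The function names and the 0xC0000000 limit, taken from the 3G split described earlier, are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define ADDR_LIMIT 0xC0000000u  /* assumed: 3G user/kernel split from the text */

/* Step-by-step model of "adds; sbcccs; movcc" with 32-bit registers and carry. */
static uint32_t range_ok_model(uint32_t addr, uint32_t size, uint32_t limit)
{
    uint32_t flag = limit;                      /* "0" constraint: flag = addr_limit */
    uint64_t wide = (uint64_t)addr + size;      /* adds: roksum = addr + size */
    uint32_t roksum = (uint32_t)wide;
    int carry = (int)(wide >> 32);              /* the 33rd bit */

    if (!carry)                                 /* sbcccs runs only when C == 0 */
        carry = (uint64_t)roksum >= (uint64_t)flag + 1; /* C = 1: no borrow */
    if (!carry)                                 /* movcc runs only when C == 0 */
        flag = 0;
    return flag;                                /* 0 means the range is OK */
}

static int access_ok_model(uint32_t addr, uint32_t size)
{
    return range_ok_model(addr, size, ADDR_LIMIT) == 0;
}

/* Overflow-safe plain C with the same result, no wider type needed. */
static int access_ok_c(uint32_t addr, uint32_t size)
{
    return size <= ADDR_LIMIT && addr <= ADDR_LIMIT - size;
}

/* Naive 32-bit check: addr + size wraps, so a huge range looks small. */
static int access_ok_naive(uint32_t addr, uint32_t size)
{
    return (uint32_t)(addr + size) <= ADDR_LIMIT;
}

int main(void)
{
    static const uint32_t cases[][2] = {        /* constructed sample inputs */
        {0x00001000u, 0x100u}, {0xBFFFF000u, 0x1000u},
        {0xBFFFF000u, 0x1001u}, {0xFFFFF000u, 0x2000u},
    };
    for (unsigned i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("addr=%08x size=%08x model=%d c=%d naive=%d\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1],
               access_ok_model(cases[i][0], cases[i][1]),
               access_ok_c(cases[i][0], cases[i][1]),
               access_ok_naive(cases[i][0], cases[i][1]));
    return 0;
}
```

The last sample wraps past 4G: the model and the overflow-safe check reject it, while the naive check accepts it, which is the case the carry out of `adds` exists to catch.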

3. Usage example

When we copy data from kernel to user space or from user space to kernel space, we need to determine whether the user space address is in user space.

    static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n)
    {
        if (access_ok(VERIFY_READ, from, n))
            n = __copy_from_user(to, from, n);
        else /* security hole - plug it */
            memset(to, 0, n);
        return n;
    }

    static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n)
    {
        if (access_ok(VERIFY_WRITE, to, n))
            n = __copy_to_user(to, from, n);
        return n;
    }

This concludes the study of how the Linux kernel determines whether an address is in user space. Combining theory with practice helps you learn, so go and try it!
