code cat

tar xfj arm-2012.03-57-arm-none-linux-gnueabi-i686-pc-linux-gnu

mv arm-2012.03 /opt/

vi ~/.bashrc

export PATH=/opt/arm-2012.03/bin:$PATH
# source ~/.bashrc

qaq

:g/검색어/y A

:let @+ = @a

:g/검색어/d

:v/검색어/d

char __user *buff

I was hoping someone could explain the nuances of the __user macro used in the linux kernel source.

First of all, the macro:
# define __user __attribute__((noderef, address_space(1)))

Now, after some googling I read that this macro allows one to designate a pointer as belonging to the user address space, and that it should not be dereferenced.

I may be missing some obvious facts, but could someone please explain the implications of such a macro? For instance, what is a good example of where this macro would be of use? Again, forgive me if I am missing something obvious.

To put this in some context, I came accross the macro while examining some USB code (linux/usbdevice_fs.h). I am only looking for a general understanding of this macros( or others like it) use within the kernel.

Thanks for looking!
c macros linux-kernel kernel link|edit|flag asked Dec 23 '10 at 18:46

Mr. Shickadance
1,155624

82% accept rate

2

See do_execve() source for good example. See how argv is used in count(). If you'd simply dereference (*argv[0]) or something, sparse(1) will warn about it. address_space says not all pointers are equal, requiring different (dereference) rules and should not be mixed. – adobriyan Dec 24 '10 at 17:12


2 Answers
active
oldest
votes
up vote
4
down vote
accepted
It allows tools like sparse to tell kernel developers that they're possibly using an untrusted pointer (or a pointer that may be invalid in the current virtual address mapping) improperly.link|edit|flag answered Dec 23 '10 at 18:59

Michael Burr
117k11123313




up vote
3
down vote
I think __user marks user space pointers and tells the developer/system not to trust it. If user gives you "invalid" pointer, then kernel tries to reference it (note that kernel can reference everywhere) and it can corrupt it's own space.

For example in "read"(in you usbdevice_fs.h) should provide you a (__user) buffer to write the result to. So you have to use copy_to_user, but not memcopy, strcpy or anything like this.

Note: This is not formal definition/description, but the only part I'm aware of.

#define __initcall(fn) \
static initcall_t __initcall_##fn __init_call = fn
#define __init_call __attribute__ ((unused,__section__ ("function_ptrs")))
#define module_init(x) __initcall(x);

svn resolve --accept working file_name

svn resolve --accept working -R .