Access to Userspace

Even though the kernel does its best to keep kernel space and userspace separate, there are situations in which kernel code has to access the virtual memory of user applications. Of course, this only makes sense when the kernel is performing a synchronous action initiated by a user application — write and read access by arbitrary processes not only serves no purpose, but may also produce risky results in the code currently executing.

8Of course, 2's complement notation is used to prevent errors where there are two zeros with different signs. See http://en for more information about this format.

The processing of system calls is, of course, a classic situation in which the kernel is busy with the synchronous execution of a task assigned to it by an application. There are two reasons why the kernel has to access the address space of user applications:

□ If a system call requires more than six different arguments, they can be passed only with the help of C structures that reside in process memory space. A pointer to the structures is passed to the system call by means of registers.

□ Larger amounts of data generated as a side effect of a system call cannot be passed to the user process using the normal return mechanism. Instead, the data must be exchanged in defined memory areas. These must, of course, be located in userspace so that the user application is able to access them.

When the kernel accesses its own memory area, it can always be sure that there is a mapping between the virtual address and a physical memory page. The situation in userspace is different, as described in Chapter 3. Here, pages might be swapped out or not even be allocated.

The kernel must therefore not simply de-reference userspace pointers; it must instead employ specific functions that ensure the desired area actually resides in RAM. To make sure that the kernel complies with this convention, userspace pointers are labeled with the __user attribute to support automated checking by C check tools.9

Chapter 3 discusses the functions used to copy data between userspace and kernel space. In most cases, these will be copy_to_user and copy_from_user, but more variants are available.
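The two cases above (a struct of arguments passed by pointer, and a result too large for the return value written back to a caller-supplied buffer) follow the same discipline: the user pointer is never dereferenced directly, the data is moved with a copy function whose return value is checked, and a failure is reported as -EFAULT. The following added example is not kernel code and not from the book; it is a small userspace model in which a single buffer (user_mem) plays the role of the mapped part of the process address space, and copy_from_user/copy_to_user are reimplemented with the kernel's own contract (they return the number of bytes that could not be copied, 0 on success). The system calls sys_sum7 and sys_fill_pattern, the struct seven_args and the scenario functions are hypothetical and exist only for this illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* In the kernel, __user is a sparse annotation marking pointers into process
 * memory so that direct dereferences can be flagged; the model defines it away. */
#define __user

/* Model of the process address space (an assumption of this example): only this
 * region is mapped; any other address stands in for a swapped-out or unallocated page. */
#define USER_SIZE 256
static union {
    unsigned char bytes[USER_SIZE];
    long align;                         /* keep the region aligned for structs */
} user_space;
#define user_mem (user_space.bytes)

/* Bytes starting at p that are mapped, capped at n; 0 if p lies outside. */
static unsigned long user_bytes_mapped(const void __user *p, unsigned long n)
{
    uintptr_t lo = (uintptr_t)user_mem, hi = lo + USER_SIZE, start = (uintptr_t)p;
    if (start < lo || start >= hi)
        return 0;
    return (hi - start < n) ? hi - start : n;
}

/* Same contract as the kernel's copy_from_user: copy n bytes from a user pointer
 * into a kernel buffer, return how many could NOT be copied (0 = success), and
 * zero the part of the kernel buffer that received no data. */
static unsigned long copy_from_user(void *to, const void __user *from, unsigned long n)
{
    unsigned long ok = user_bytes_mapped(from, n);
    if (ok)
        memcpy(to, from, ok);
    memset((unsigned char *)to + ok, 0, n - ok);
    return n - ok;
}

/* copy_to_user is the mirror image: it returns the number of bytes NOT written. */
static unsigned long copy_to_user(void __user *to, const void *from, unsigned long n)
{
    unsigned long ok = user_bytes_mapped(to, n);
    if (ok)
        memcpy(to, from, ok);
    return n - ok;
}

/* Hypothetical seven-argument call: only six fit in registers, so userspace
 * passes a single pointer to this struct instead. */
struct seven_args { long v[7]; };

/* Case 1 handler: copy the whole struct into kernel memory before reading any
 * field; the user pointer itself is never dereferenced. */
static long sys_sum7(const struct seven_args __user *uargs, long *result)
{
    struct seven_args k;                /* kernel-side copy of the arguments */
    long sum = 0;
    if (copy_from_user(&k, uargs, sizeof(k)))
        return -EFAULT;                 /* user memory unmapped or unreadable */
    for (int i = 0; i < 7; i++)
        sum += k.v[i];
    *result = sum;
    return 0;
}

/* Case 2 handler: a result too large for the return value is generated in a
 * kernel buffer and then written to a buffer the application supplied. */
static long sys_fill_pattern(unsigned char __user *ubuf, unsigned long len)
{
    unsigned char kbuf[64];
    if (len > sizeof(kbuf))
        return -EINVAL;                 /* never trust a user-supplied length */
    for (unsigned long i = 0; i < len; i++)
        kbuf[i] = (unsigned char)(i * 3);
    return copy_to_user(ubuf, kbuf, len) ? -EFAULT : (long)len;
}

/* Scenario: struct fully inside mapped user memory; returns the sum, 28. */
static long scenario_valid(void)
{
    struct seven_args args = { { 1, 2, 3, 4, 5, 6, 7 } };
    long sum = 0, ret;
    memcpy(user_mem, &args, sizeof(args));     /* "userspace" fills in its struct */
    ret = sys_sum7((const struct seven_args __user *)user_mem, &sum);
    return ret ? ret : sum;
}

/* Scenario: pointer outside the model address space; -EFAULT, nothing is read. */
static long scenario_unmapped(void)
{
    struct seven_args not_user_memory = { { 0 } };
    long sum = 0;
    return sys_sum7((const struct seven_args __user *)&not_user_memory, &sum);
}

/* Scenario: struct starts in mapped memory but runs past its end, as if the next
 * page were missing; only a prefix is copied and the call still fails. */
static long scenario_straddles(void)
{
    long sum = 0;
    const void __user *p = user_mem + USER_SIZE - sizeof(long);
    return sys_sum7((const struct seven_args __user *)p, &sum);
}
```

The straddling case is the one worth remembering: a pointer can be perfectly valid at its start and still fault part-way through, so the copy functions report a count of uncopied bytes rather than a plain boolean, and a handler must treat any non-zero result as failure (and, as the real copy_from_user does, may only rely on the zero-filled tail, never on stale stack contents).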
