[bootlin/training-materials updates] master: slides/kernel-framework: Improve explanations about accessing user pointers (09d55efe)
Miquel Raynal
miquel.raynal at bootlin.com
Fri Mar 24 18:46:37 CET 2023
Repository : https://github.com/bootlin/training-materials
On branch : master
Link : https://github.com/bootlin/training-materials/commit/09d55efe4700d9c1fdbbebface9740a7885772ac
>---------------------------------------------------------------
commit 09d55efe4700d9c1fdbbebface9740a7885772ac
Author: Miquel Raynal <miquel.raynal at bootlin.com>
Date: Tue Mar 21 11:38:25 2023 +0100
slides/kernel-framework: Improve explanations about accessing user pointers
Signed-off-by: Miquel Raynal <miquel.raynal at bootlin.com>
>---------------------------------------------------------------
09d55efe4700d9c1fdbbebface9740a7885772ac
slides/kernel-frameworks/kernel-frameworks.tex | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/slides/kernel-frameworks/kernel-frameworks.tex b/slides/kernel-frameworks/kernel-frameworks.tex
index d4d12ad2..c475664f 100644
--- a/slides/kernel-frameworks/kernel-frameworks.tex
+++ b/slides/kernel-frameworks/kernel-frameworks.tex
@@ -237,13 +237,15 @@ Many more operations exist. All of them are optional.
\item Kernel code isn't allowed to directly access user space
memory, using \kfunc{memcpy} or direct pointer dereferencing
\begin{itemize}
- \item Doing so does not work on some architectures
+ \item User pointer dereferencing is disabled by default to make it
+ harder to exploit vulnerabilities.
\item If the address passed by the application was invalid, the
- application would segfault.
+ kernel could segfault.
\item {\bf Never} trust user space. A malicious application could
pass a kernel address which you could overwrite with device data
(\code{read} case), or which you could dump to the device
(\code{write} case).
+ \item Doing so does not work on some architectures anyway.
\end{itemize}
\item To keep the kernel code portable, secure, and have proper
error handling, your driver must use special kernel functions
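Review bot: In the second sub-item, "the kernel could segfault" is imprecise wording for a slide. A segfault (SIGSEGV) is a signal delivered to a user-space process, whereas a bad dereference in kernel code produces a kernel fault (an oops), so something like "the kernel could fault (oops)" would be more accurate. In the first new sub-item, "disabled by default" does not say what does the disabling or where. Naming the mechanism would show that this depends on CPU support; hardware features such as SMAP on x86 or PAN on ARM are presumably what is meant. That would also separate it from the new last sub-item, "Doing so does not work on some architectures anyway", which currently reads as overlapping with it.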