Re: copy_from_user/copy_to_user question

[Robert Hancock]

Steven Rostedt wrote:
> Nope, the kernel is always locked into memory.  If you take a page fault
> from the kernel world, you will crash and burn. The kernel is never
> "swapped out".  So if you are in kernel mode, going into do_page_fault
> in arch/i386/mm/fault.c there is no path to swap a page in.  Even the
> vmalloc_fault only handles a page not in the page global descriptor of
> the current task.  But if this page is not mapped somewhere in memory
> (not swapped out), you will get a kernel oops.
>
> Kernel memory may never be swapped out. What happens if an interrupt
> tries to use such memory. How does it handle sleeping?
>
> Just change copy_to_user into memcopy, and see how long your system
> stays up and running.  Do it on a machine that you don't need to worry
> about rogue applications.  It won't last very long.

Yes, kernel memory is never swapped out. But my point is merely that as 
far as I know there is no special handling in the copy_to/from_user 
functions to handle the case where the userspace memory is swapped out, 
and therefore this would not be an issue for accessing the memory 
directly. Obviously this is not something that one should actually do, 
since access faults are not trapped and on some architectures or 
configurations it won't work at all.

--
Robert Hancock      Saskatoon, SK, Canada
To email, remove "nospam" from hancockr@xxxxxxxxxxxxx
Home Page: http://www.roberthancock.com/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/