Date: Sat, 31 Oct 1998 15:50:15 -0800
From: Mike Smith <mike@smith.net.au>
To: Alfred Perlstein <bright@hotjobs.com>
Cc: hackers@FreeBSD.ORG
Subject: Re: copyin/copyout routines.
Message-ID: <199810312350.PAA01372@dingo.cdrom.com>
In-Reply-To: Your message of "Sat, 31 Oct 1998 10:07:47 EST." <Pine.BSF.4.05.9810311004280.9417-100000@porkfriedrice.ny.genx.net>

> someone showed me a driver they were working on that was getting errors
> using copyin and copyout.. the error was when they used copyin to copy
> from user land into the kernel they would get a bad address error.
>
> the location they were copying to was on the kernel stack ie.
>
> int x;
>
> y = copyin(useraddr, &x, sizeof(x));
>
> for some reason i think that copyin only works in/out of the kernel malloc
> error, basically he should be copying into malloc'd areas, not the stack.
>
> is this true?

No. Getting EFAULT from copyin/out means that the user address is bad.

In most cases, it's wrong to use copyin/out in a driver anyway; you
should be using uiomove.

Typically you will get this problem if you are making a mistake about
the semantics of the data arg to your ioctl handler, either indirecting
one time too many or one time too few (copying from the address of the
kernel copy of the value, or copying from the address value at the
location in userspace that the copied value points to).

--
\\  Sometimes you're ahead,       \\  Mike Smith
\\  sometimes you're behind.      \\  mike@smith.net.au
\\  The race is long, and in the  \\  msmith@freebsd.org
\\  end it's only with yourself.  \\  msmith@cdrom.com
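
The ioctl mistake described in the reply above, as an added example that is not part of the original message: a user-space C model, not FreeBSD kernel code, in which `copyin_sim`, `USER_BASE`, `struct demo_req`, the two handlers and `run_demo` are hypothetical stand-ins. It shows a handler getting EFAULT when it hands copyin the address of the kernel copy of its argument, and succeeding when it uses the user pointer stored inside that copy.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* Constructed model: "user space" is this array, mapped at USER_BASE. */
#define USER_BASE 0x1000u
static unsigned char user_mem[64];

/* Stand-in for copyin(9): only addresses inside the user mapping are valid. */
static int copyin_sim(uintptr_t uaddr, void *kaddr, size_t len)
{
    if (uaddr < USER_BASE || len > sizeof(user_mem) ||
        uaddr - USER_BASE > sizeof(user_mem) - len)
        return EFAULT;
    memcpy(kaddr, user_mem + (uaddr - USER_BASE), len);
    return 0;
}

/* Hypothetical ioctl argument: a struct that itself carries a user pointer. */
struct demo_req { uintptr_t ubuf; uint32_t len; };

/* Correct: data is a kernel copy; only req->ubuf is a user address. */
static int handler_ok(void *data, int *out)
{
    struct demo_req *req = data;
    if (req->len != sizeof(*out))
        return EINVAL;
    return copyin_sim(req->ubuf, out, sizeof(*out));
}

/* Mistake: passes the address of the kernel copy to copyin. */
static int handler_bad(void *data, int *out)
{
    return copyin_sim((uintptr_t)data, out, sizeof(*out));
}

/* Stand-in for the ioctl layer: copy the argument struct in, then call the
 * handler with a kernel pointer. User image: request at +0, value 42 at +32. */
static int run_demo(int (*handler)(void *, int *), uintptr_t uarg, int *out)
{
    struct demo_req kcopy, req = { USER_BASE + 32, sizeof(int) };
    int value = 42, error;
    memcpy(user_mem, &req, sizeof(req));
    memcpy(user_mem + 32, &value, sizeof(value));
    error = copyin_sim(uarg, &kcopy, sizeof(kcopy));
    return error ? error : handler(&kcopy, out);
}

int main(void) { int v = 0; return run_demo(handler_ok, USER_BASE, &v) || v != 42; }
```

The destination in both handlers is a stack variable, so the EFAULT in `handler_bad` comes only from the source address, matching the point made in the reply.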