How to verify if the pointer is pointing to the process address table

Question
I am trying to write my own system call under an Arch Linux system. The following is the format of the system call:

long getpeuid(pid_t pid, uid_t *uid)

It is used to get the euid of the calling process's parent process.

I know I have to verify three things first:
1. Check if the pointer is pointing to the user space. That can be done by access_ok().
2. Check if the pointer is pointing to the calling process's address space.
3. Check if the calling process has the permission to write to the space the pointer is pointing to.
I found the syscall copy_to_user() can copy a kernel space variable to user space, but I am not sure if the syscall checks the other prerequisites first.
Also, I am not sure how I can get the calling process's parent process's euid. I know getppid() could get the parent process ID, but I am not sure how to proceed with that. Can someone give me some hint on this?

Thanks in advance!
EDIT:

A follow-up question: if I want to check if the effective uid of the parent process is root, I could simply see if euid equals 0, is that right?

Another question: are we allowed to call getppid() and other syscalls inside a syscall? After some googling, it seems like everyone is trying to avoid doing this.
Answer

(I am new to Linux kernel development, please correct this answer as needed!)
Yes, copy_to_user makes all the needed checks to see if the process is allowed to write to the referenced memory space. That is a major reason why copy_to_user is used so often.
Once you have the PID of the parent process, you will need to get a reference to its task descriptor. I believe you can get that by calling find_task_by_vpid(pid_number).
Now you have a pointer to the parent process's task_struct. It has 2 struct cred * members: cred and real_cred. (I'm not sure which one you should use.) struct cred has a member euid.
If the euid is 0, then yes, the parent process is running as root. Note that if the system uses LXC containers, then it could be root inside a container.