copy_to_user vs memcpy


Question

I have always been told (in books and tutorials) that while copying data from kernel space to user space, we should use copy_to_user(), and that using memcpy() would cause problems to the system. Recently, by mistake, I used memcpy() and it worked perfectly fine without any problems. Why is it that we should use copy_to_user instead of memcpy()?

My test code (kernel module) is something like this:

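#include <linux/module.h>
#include <linux/init.h>
#include <linux/fs.h>
#include <linux/proc_fs.h>
#include <linux/string.h>

static ssize_t test_read(struct file *file, char __user *buf,
                         size_t len, loff_t *offset)
{
    char ani[100];

    if (!*offset) {
        memset(ani, 'A', 100);
        /*
         * memcpy() straight onto a __user pointer: the call this question
         * is about. Note that memcpy() returns its destination pointer,
         * not an error count, and that len is never checked against 100.
         */
        if (memcpy(buf, ani, 100))
            return -EFAULT;
        *offset = 100;
        return *offset;
    }

    return 0;
}

struct file_operations test_fops = {
    .owner = THIS_MODULE,
    .read = test_read,
};

static int __init my_module_init(void)
{
    struct proc_dir_entry *entry;

    printk("We are testing now!!\n");
    /* create_proc_entry() is the legacy procfs call (later kernels use proc_create()). */
    entry = create_proc_entry("test", S_IFREG | S_IRUGO, NULL);
    if (!entry) {
        printk("Failed to create proc entry test\n");
        return -ENOMEM;    /* do not dereference a NULL entry below */
    }

    entry->proc_fops = &test_fops;
    return 0;
}
module_init(my_module_init);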

From the application I am simply calling my created proc entry and everything works fine.

A look at the source code of copy_to_user() says that it is also a simple memcpy(), where we are simply trying to check if the pointer is valid or not with access_ok and doing memcpy.

So my understanding currently is that, if we are sure about the pointer we are passing, memcpy() can always be used in place of copy_to_user. Please answer if this is the case or not. Also, any example where copy_to_user works and memcpy() fails would be very useful. Thanks.

Recommended answer

There are several reasons.

First, security. Because the kernel can write to any address it wants, if you just use a user-space address you got and use memcpy, an attacker could write to another process's pages, which is a huge security problem. copy_to_user checks that the target page is writable by the current process.

There are also some architecture considerations. On x86, for example, the target pages must be pinned in memory. On some architectures, you might need special instructions. And so on. The Linux kernel's goal of being very portable requires this kind of abstraction.
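
A user-space model of the checks discussed above, added here as an example (it is not code from the question, the answer or the kernel): the flat sim_mem array, the SIM_* constants and the sim_* function names are assumptions made for illustration. It shows an access_ok-style range test and the copy_to_user() convention of returning the number of bytes not copied, next to a bare memcpy() that performs no check.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model: one flat array stands in for the address space.
 * Offsets below SIM_USER_LIMIT are "user" memory, the rest is "kernel". */
#define SIM_SIZE       256u
#define SIM_USER_LIMIT 128u
#define SIM_PAGE       32u

static unsigned char sim_mem[SIM_SIZE];
/* One flag per page; page 3 is a user page that is not mapped. */
static const int sim_mapped[SIM_SIZE / SIM_PAGE] = {1, 1, 1, 0, 1, 1, 1, 1};

/* Same idea as access_ok(): the whole range [addr, addr + len) must lie in
 * the user part, written so that addr + len cannot overflow. */
static int sim_access_ok(size_t addr, size_t len)
{
    return len <= SIM_USER_LIMIT && addr <= SIM_USER_LIMIT - len;
}

/* Like copy_to_user(): returns the number of bytes NOT copied (0 = success). */
static size_t sim_copy_to_user(size_t to, const void *from, size_t len)
{
    const unsigned char *src = from;
    size_t i;

    if (!sim_access_ok(to, len))
        return len;                 /* range rejected, nothing written */
    for (i = 0; i < len; i++) {
        if (!sim_mapped[(to + i) / SIM_PAGE])
            return len - i;         /* modelled fault: report the remainder */
        sim_mem[to + i] = src[i];
    }
    return 0;
}

/* What a bare memcpy() does with the same destination: no checks at all. */
static void sim_raw_memcpy(size_t to, const void *from, size_t len)
{
    memcpy(&sim_mem[to], from, len);
}

int main(void)
{
    unsigned char ani[16];

    memset(ani, 'A', sizeof(ani));
    sim_raw_memcpy(SIM_USER_LIMIT, ani, sizeof(ani)); /* lands in "kernel" */
    return sim_copy_to_user(SIM_USER_LIMIT, ani, sizeof(ani)) == sizeof(ani) ? 0 : 1;
}
```

A read handler built on the checked copy would return -EFAULT whenever the result is non-zero, which is the usual pattern around copy_to_user().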
