sysfs: pass function pointers to kernel (not just a value through attribute)

Terry Hsu terry.shoes at gmail.com
Tue Dec 18 19:37:02 EST 2012


On Mon, Dec 17, 2012 at 10:32 AM, Yann Droneaud <ydroneaud at opteya.com> wrote:

> On Monday, 17 December 2012 at 10:11 -0500, Terry Hsu wrote:
> > Hello everyone,
> >
> >
> > I am looking for some mechanism for userspace tasks to pass certain
> > functions to the kernel and let the kernel execute these functions on
> > behalf of userspace tasks. I know that sysfs can be used with kobject
> > embedded into internal kernel structure to access kernel variables.
> > But is there any way for userspace tasks to pass a function to the kernel
> > to execute through sysfs?
> >
>
> From a security point of view: what a crazy idea!
>
> And difficult to implement as you described it:
> A pointer to userspace is of no interest for the kernel.
> A pointer to userspace memory is tied to the process that "generates" it.
> So without any reference to the process, a pointer has no meaning for
> the kernel.
> Then, this pointer must point to something, e.g. what's going to happen
> when your process exits while the kernel is going to execute code on its
> behalf ...
>
>
Before a userspace task can delegate the job to the kernel, it has to have the
privilege to do so. Therefore if a task asks the kernel to run something
that is not permitted, the kernel will block the request and return an error
value to the userspace caller.

Thanks for pointing out the difficulties here when passing the function
pointers to the kernel. I am relatively new to kernel hacking, so after reading
your comments, I went back and read about high memory in the Linux kernel. I
learned that the kernel can use kmap/kunmap to establish/destroy persistent
kernel mappings. Will it be feasible if the kernel uses kmap to map those
userspace memory regions? In this way the kernel can access the function
pointer and execute the function on behalf of the userspace task.



> >
> > PS: adding syscall in the kernel can certainly satisfy my needs but it
> > is less favorable because the new kernel service I want to add is not
> > that general to be added as a new syscall.
> >
>
> You might want to describe the problem you're trying to fix or at least
> a use case.
>

For example, when a userspace task creates a thread to execute a function,
the kernel will copy the task_struct and mm_struct from its parent process.
I am trying to assign different memory access privileges for different tasks
within the same process so that they do not always have the same privilege
to access all the pages of their parent process. To do so, I intend to let
the kernel maintain separate page tables for different tasks, and bookkeep
the access privilege.

Thanks!


>
> Regards.
>
> --
> Yann Droneaud
> OPTEYA
>
>
>
>