I just browsed the kernel net sources and found that in some cases the verify_area
function is called on a memory area which is allocated locally in the kernel.
Could this be avoided? Is there a need to verify_area structures
allocated by the kernel? For instance:
file: /usr/linux/src/net/socket.c
function: sock_read line: 336
struct msghdr msg;
function: sock_read line: 356
return(sock->ops->recvmsg(sock, &msg, size,(file->f_flags & O_NONBLOCK), 0,&msg.msg_namelen));
function: sys_recvmsg line: 1156
asmlinkage int sys_recvmsg(int fd, struct msghdr *msg, unsigned int flags)
function: sys_recvmsg line: 1180
err=verify_area(VERIFY_READ, msg,sizeof(struct msghdr));
So, when sys_recvmsg is called locally from the kernel function sock_read,
verify_area is performed on struct msg, which is allocated within the
kernel.
Shouldn't this be avoided because the kernel isn't accessing a user memory area?
Also, I noticed that the old multiple calls to {get|put}_fs_long are
substituted by move_addr_to_{user|kernel}. Great work! :)
bb4now,
PMC
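As an added illustration, not code from the post or from the kernel source, here is a constructed user-space model of the check the post is asking about: a range check that accepts only pointers below an assumed TASK_SIZE, applied at the syscall entry where the pointer is user-supplied and skipped on the internal path where the msghdr is kernel-owned. TASK_SIZE, the model_* functions and the struct are assumptions made for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a user/kernel address split (hypothetical value,
 * not the kernel's own): addresses below TASK_SIZE belong to user space. */
#define TASK_SIZE 0xC0000000UL
#define VERIFY_READ 0
#define VERIFY_WRITE 1

/* Trimmed-down stand-in for the kernel's struct msghdr (assumption). */
struct msghdr { void *msg_name; int msg_namelen; };

/* Simplified verify_area: accept only a range that lies wholly below
 * TASK_SIZE and that does not wrap around. A kernel address fails. */
int model_verify_area(int type, unsigned long addr, size_t size)
{
    (void)type;               /* read and write are treated alike here */
    if (size > TASK_SIZE)     /* guards the addition below against wrap */
        return -EFAULT;
    if (addr >= TASK_SIZE || addr + size > TASK_SIZE)
        return -EFAULT;
    return 0;
}

/* Internal path: the msghdr is kernel-owned, so no user-range check is
 * needed; the caller is trusted to pass a valid kernel structure. */
int model_kernel_recvmsg(const struct msghdr *msg)
{
    return msg->msg_namelen;
}

/* Syscall entry: the pointer came from user space and must be range-checked
 * before anything is read through it. */
int model_sys_recvmsg(unsigned long user_msg)
{
    int err = model_verify_area(VERIFY_READ, user_msg, sizeof(struct msghdr));
    if (err)
        return err;       /* -EFAULT: kernel address, wrap, or out of range */
    return 0;             /* a real kernel would now copy the struct in */
}

int main(void)
{
    struct msghdr local = { NULL, 16 };   /* kernel-side structure in the model */
    printf("internal path: %d\n", model_kernel_recvmsg(&local));
    printf("user pointer:  %d\n", model_sys_recvmsg(0x08048000UL));
    printf("kernel pointer: %d\n", model_sys_recvmsg(0xC0100000UL));
    return 0;
}
```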