Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding C & C++ how is the correct way to use copy_from_user?

Thread Rating:
  • 482 Vote(s) - 3.48 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
how is the correct way to use copy_from_user?

Offline ellwoodkfbjnmxf


Member
*
Member
Posts: 0
Threads: 0
Joined: Feb 2023
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#1
07-27-2023, 12:05 PM
I am trying to copy a value from user space to kernel space with the function:

static ssize_t device_write(struct file *filp, const char *buff, size_t len, loff_t *off)
{

unsigned long copy=0;
int desp=0;

copy = copy_from_user(&desp, &len, 4);

printk(KERN_ALERT "copy: %lx\n", copy);
printk(KERN_ALERT "desp: %d\n", desp);
}



where "len" is the variable that exists in the user space, and I want to copy it to "desp" in the kernel space

the function call I make from the user space is (write is device_write according to file_operations struct):

write (fd,buffer,8, &off);

when I print the value that should be stored in "desp" is always 0 (should be 8).
What is the problem in my code? I've been seeing several examples and I implemented many variations but none works.
Reply

Offline diaphysis691716


Luxury
*****
Luxury
Posts: 0
Threads: 0
Joined: Nov 2021
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
07-27-2023, 12:22 PM
`len` does *not* exist in user-space. It is passed by value, so `len` is accessible as a normal variable in kernel-space. `desp = (int)len` is all you need. Note, however, that size_t is not the same as int, and on 64-bit platforms size_t is 8 bytes.

`copy_from_user()` is for the buffer you're trying to write (called `buffer` in your user-space code, and `buff` in your kernel-space argument list). What's passed is a pointer to a memory address which only exists in user-space, so `copy_from_user()` copies that buffer to a kernel-space buffer.
Reply

Offline mariexzt


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Oct 2022
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#3
07-27-2023, 12:22 PM
The `write` function prototype in the manual is:

`ssize_t write(int fd, const void *buf, size_t count);`

So you only need to pass 3 values to `write`, namely: the file descriptor `fd`, `buffer` where your data lies, and `count` of bytes you want to write.

This regarding the user space. Now let's move to the kernel space write function, i.e. your `device_write`.

The argument `buf` to this function is the one which contains data which you want to write from user space, `count` is the length of data sent to be written by the kernel. So you are supposed to copy data from `buf` pointer and not `len`.

So, the correct way would be:

char *desp; //allocate memory for this in kernel using malloc
copy_from_user (desp, buff, len);

This should do.
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through