1
votes

Imagine a situation like this: I'll take a function pointer, which is located in the user space, from a syscall, and the kernel module calls back this function. (It would be important for this function to run in user space.) Will the kernel module see the same memory address (acquired function pointer) as the user space application? (I mean the user's virtual address space or linear address space.)

1
If it were possible, Holy security flaw, Batman! – user3344003
@user3344003 I think no, if the kernel changes privilege level before calling the user space function. – Gabor Antal
That would be a giant security hole. – user3344003
That's exactly how signal handlers operate and yes, this is possible, though a highly non-trivial task. The more usual approach is to interact with user space via netlink sockets, which exist for exactly this purpose. – oakad

1 Answer

0
votes

First off, you are trying to do something wrong. If you need custom code in the kernel, you provide it as a kernel module.

The answer in the linked duplicate ( Executing a user-space function from the kernel space ) is largely crap. This would "work" on certain architectures as long as no syscalls are used and no tls/whatever other stuff is used. In fact this is how plenty of exploits do it.

I'll take a function pointer, which is located in the user space, from a syscall, and the kernel module calls back this function.

It really sounds like you are trying to do something backwards. If you need a userspace component, that's the thing which should have all the logic. Then you call the kernel telling it what to do.

(It would be important for this function to run in user space?)

Who are you asking? I can only state that calling a function which was planted by userspace does not mean it starts "running in user space". Switching to userspace is a lot of work, definitely not done by calling a function.

Will the kernel module see the same memory address (acquired function pointer) as the user space application?

Depends on the architecture, typically it will. But even then there are hardware protections against using this "feature" which have to be explicitly turned off.

But again, you DON'T want to do it. I strongly suggest you state the actual problem.
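The signal-handler mechanism mentioned in the comments is the supported way for the kernel to "call back" a user-space function pointer, and it illustrates the answer's point: the kernel stores the handler address via sigaction, but it never branches to it in kernel mode. On delivery it builds a frame on the user stack and returns to user mode at that address, so the handler runs with the process's own page tables, stack and TLS. The program below is an added example, not code from the original post; it registers a handler, hands its user-space address to the kernel, triggers delivery with raise(), and checks that the handler ran in the process's address space (the handler records its own address in a user-space variable). The function and variable names are the example's own.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* User-space state that only a handler running in this address space can touch. */
static volatile sig_atomic_t handler_ran = 0;
static volatile uintptr_t handler_seen_self = 0;

/* The "callback" whose address is handed to the kernel. It executes in user
 * mode: the kernel constructs a signal frame on the user stack and returns
 * into this function, rather than calling the pointer from kernel context
 * (which the hardware protections the answer mentions are designed to stop). */
static void on_sigusr1(int signo, siginfo_t *info, void *uctx)
{
    (void)info;
    (void)uctx;
    if (signo == SIGUSR1) {
        handler_ran = 1;
        handler_seen_self = (uintptr_t)&on_sigusr1;
    }
}

/* Register the handler, trigger delivery, and report whether the kernel ran
 * the user-space function pointer in this process. Returns 1 on success. */
int demo_signal_callback(void)
{
    struct sigaction sa;
    struct sigaction old;
    int ok;

    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_sigusr1;      /* user-space address given to the kernel */
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGUSR1, &sa, &old) != 0)
        return 0;

    handler_ran = 0;
    handler_seen_self = 0;

    /* raise() asks the kernel to deliver SIGUSR1 to this thread; in a
     * single-threaded process it returns only after the handler has run. */
    if (raise(SIGUSR1) != 0) {
        sigaction(SIGUSR1, &old, NULL);
        return 0;
    }

    ok = (handler_ran == 1) &&
         (handler_seen_self == (uintptr_t)&on_sigusr1);

    /* Restore the previous disposition so the demo leaves no trace. */
    sigaction(SIGUSR1, &old, NULL);
    return ok;
}

int main(void)
{
    if (demo_signal_callback()) {
        printf("handler at %p ran in user mode inside pid %ld\n",
               (void *)&on_sigusr1, (long)getpid());
        return 0;
    }
    fprintf(stderr, "signal delivery failed\n");
    return 1;
}
```

The address stored by sigaction is meaningful only in this process's virtual address space; the kernel resolves it at delivery time for the target process and switches to user mode before execution begins, which is the "lot of work" the answer refers to and the reason a kernel module must not simply jump to a pointer it received from a syscall.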