why can't kernel access user process address directly

2
votes

This article https://lwn.net/Articles/75174/

says that if the kernel wants to access a physical page, it needs to map it to a linear address in the kernel space (to high memory region).

Suppose the page is already mapped by an user process, can the kernel just use the user-process page table to access that page directly (since they share the same page table)? Why does the kernel have to map it again?

1
linux-kerneloperating-system
If a page is mapped in user-space it probably lacks the appropriate permissions (bits set in page table entry) and thus a new mapping is required. - Tony Tannous
you mean the S/U bit? if the CPU is on supervisor (ring 0), can it not read/execute data/instruction in ring 3? - user1734905
I believe when CPL=0, all pages are addressable - user1734905

1 Answers

0
votes

Suppose the page is already mapped by an user process, can the kernel just use the user-process page table to access that page directly (since they share the same page table)?

Yes, after you checking if the userspace-supplied pointer is valid, you could dereference it. The kernel has copy_(to|from)_user helpers that encapsulate this.

Why does the kernel have to map it again?

Normally, when you need to fiddle with physical addresses, say for interacting with memory mapped devices, you won't find the page already mapped in userspace. If it's not within the low memory region you have page tables for, you'll have to map them.

Note, that with 64-bit systems, this is not a concern any longer, as you've enough bits for everything to be low memory.