Page fault in kernel mode from LKM

Andrey Simonenko simon at comsys.ntu-kpi.kiev.ua
Thu Dec 1 11:45:55 GMT 2005


On Wed, Nov 30, 2005 at 10:44:47PM -0800, Daniel Rudy wrote:
> 
> 
> http://pastebin.com/444571
> 
> I'm not sure WHY it keeps panicking the system.  This is code that is
> part of a klm that I'm writing.  Any ideas?
> 

It would be better to insert the code of your KLD in your letter.
I think your KLD module has some problems.

You cannot access a vm_map without holding the lock on the vm_map;
use vm_map_lock() and vm_map_unlock() for this.

If some program is multithreaded, then some thread can use
sbrk() (which calls obreak()) and you will have a race condition
between your functions mod_xfrom_allocate() and mod_xform_free().

As I understand it, mod_syscall_open() is a wrapper for the open() syscall
and its address is set up in p_sysent->sv_table.  If my assumption
is correct, then your wrapper gets a pointer to uap, which is already
in kernel space.  Read i386/trap.c:syscall(); copyin() was already
called for the address in user space.

Why do you not see this mistake?  Because the return values of copyin()
and copyout() should be checked.  I think you get EFAULT from copyin(),
since uap is on the stack, which is in KVM.  You correctly noticed that
the original open() returns EFAULT; this is because the supplied buffer has
garbage.

If I understood your code correctly, then it looks like you need to
revisit the logic of your wrapper and allocate memory only for
arguments which are in user space.  Also, I'm not sure why you
decided (again incorrectly) to copy *uap back to user space; it can
confuse the program.

Hope this can help.
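The copyin() point made in the reply above, as an added user-space model that is not from this thread, from Daniel Rudy's KLD, or from FreeBSD itself. It assumes a hypothetical argument struct (struct open_args_model) standing in for the real open() argument block, and hypothetical stand-ins model_copyin()/model_copyinstr() that fail with EFAULT for any address outside a constructed "user" region, the way copyin() fails for a kernel address such as uap on the syscall stack. The broken wrapper copies uap itself and ignores the return value, so its path pointer is junk; the corrected wrapper reads uap in place, copies in only the user pointer it holds, propagates the error, and never writes anything back to user memory. The vm_map locking point is not modelled here.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model (hypothetical, not FreeBSD code): a small "user" region
 * backed by an array; every other address is treated as kernel memory. */
#define MODEL_PATH_MAX 64
static char user_region[256];

static int model_is_user_addr(const void *p, size_t len)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)user_region;
    return a >= lo && len <= sizeof user_region &&
           a - lo <= sizeof user_region - len;
}

/* Stand-in for copyin(): EFAULT unless the whole source range is user
 * memory, which is what the real copyin() does for a kernel address. */
static int model_copyin(const void *uaddr, void *kaddr, size_t len)
{
    if (!model_is_user_addr(uaddr, len))
        return EFAULT;
    memcpy(kaddr, uaddr, len);
    return 0;
}

/* Stand-in for copyinstr(): copies a NUL-terminated string from user
 * memory, checking the return value of every byte copied. */
static int model_copyinstr(const char *uaddr, char *kaddr, size_t len)
{
    size_t i;
    if (uaddr == NULL)
        return EFAULT;
    for (i = 0; i < len; i++) {
        int err = model_copyin(uaddr + i, &kaddr[i], 1);
        if (err != 0)
            return err;
        if (kaddr[i] == '\0')
            return 0;
    }
    return ENAMETOOLONG;
}

/* The argument block as the dispatcher hands it to the handler: already in
 * kernel space. Only the pointer field refers to user memory. */
struct open_args_model {
    const char *path;
    int flags;
    int mode;
};

/* The pattern the reply diagnoses: copyin() applied to uap itself with the
 * return value ignored, so the local copy is never filled and path is junk. */
static int wrapper_broken(struct open_args_model *uap, char *kpath)
{
    struct open_args_model copy = { NULL, 0, 0 };
    model_copyin(uap, &copy, sizeof copy);    /* fails with EFAULT, unchecked */
    return model_copyinstr(copy.path, kpath, MODEL_PATH_MAX);  /* junk path */
}

/* Corrected pattern: uap is read in place, only the user pointer it holds is
 * copied in, and the error is propagated. Nothing is written back to uap. */
static int wrapper_correct(const struct open_args_model *uap, char *kpath)
{
    return model_copyinstr(uap->path, kpath, MODEL_PATH_MAX);
}

/* Drives either wrapper with a constructed argument block whose path lives
 * in the model user region, as a user program's would. Returns the errno. */
static int run_wrapper(int use_correct, char *kpath_out)
{
    struct open_args_model uap;     /* on the "kernel stack", like the real uap */
    memset(user_region, 0, sizeof user_region);
    strcpy(user_region, "/tmp/example.txt");   /* constructed user-space path */
    uap.path = user_region;
    uap.flags = 0;
    uap.mode = 0;
    kpath_out[0] = '\0';
    return use_correct ? wrapper_correct(&uap, kpath_out)
                       : wrapper_broken(&uap, kpath_out);
}

static int demo_errno(int use_correct)
{
    char kpath[MODEL_PATH_MAX];
    return run_wrapper(use_correct, kpath);
}

static int demo_correct_path_matches(void)
{
    char kpath[MODEL_PATH_MAX];
    return run_wrapper(1, kpath) == 0 && strcmp(kpath, "/tmp/example.txt") == 0;
}

/* A program that passes a pointer into kernel memory must be rejected, and
 * the checked return value is what makes that visible. */
static int run_correct_with_kernel_pointer(void)
{
    static const char kernel_string[] = "/not/user/memory";
    char kpath[MODEL_PATH_MAX];
    struct open_args_model uap = { kernel_string, 0, 0 };
    return wrapper_correct(&uap, kpath);
}

int main(void)
{
    char kpath[MODEL_PATH_MAX];
    int err = run_wrapper(0, kpath);
    printf("broken wrapper:  errno=%d path=\"%s\"\n", err, kpath);
    err = run_wrapper(1, kpath);
    printf("correct wrapper: errno=%d path=\"%s\"\n", err, kpath);
    printf("kernel pointer:  errno=%d\n", run_correct_with_kernel_pointer());
    return 0;
}
```

The model reproduces the symptom described in the reply: the broken wrapper's first copy fails because uap is kernel memory, the failure goes unnoticed because the return value is dropped, and the later copy of the garbage path is what finally surfaces as EFAULT.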


More information about the freebsd-hackers mailing list