What are the implications of the linux __user macro?

c macros linux-kernel kernel
Mr. Shickadance picture Mr. Shickadance · Dec 23, 2010 · Viewed 18k times · Source

I was hoping someone could explain the nuances of the __user macro used in the linux kernel source.

First of all, the macro:

# define __user         __attribute__((noderef, address_space(1)))

Now, after some googling I read that this macro allows one to designate a pointer as belonging to the user address space, and that it should not be dereferenced.

I may be missing some obvious facts, but could someone please explain the implications of such a macro? For instance, what is a good example of where this macro would be of use? Again, forgive me if I am missing something obvious.

To put this in some context, I came accross the macro while examining some USB code (linux/usbdevice_fs.h). I am only looking for a general understanding of this macros( or others like it) use within the kernel.

Thanks for looking!

Answer

Michael Burr picture Michael Burr · Dec 23, 2010

It allows tools like sparse to tell kernel developers that they're possibly using an untrusted pointer (or a pointer that may be invalid in the current virtual address mapping) improperly.

Related questions

What is ":-!!" in C code?

I bumped into this strange macro code in /usr/include/linux/kernel.h: /* Force a compilation error if condition is true, but also produce a result (of value 0 and type size_t), so the expression can be used e.g. …

Read More
What's the use of do while(0) when we define a macro?

Possible Duplicates: Do-While and if-else statements in C/C++ macros do { … } while (0) — what is it good for? I'm reading the linux kernel and I found many macros like this: #define INIT_LIST_HEAD(ptr) do { \ (ptr)->next = (ptr); (…

Read More
What is the point of using the linux macro access_ok()

I've been doing some research and I'm a little confused about this macro. Hopefully someone can give me some guidance. I have some ioctl code (which I've inherited, not written) and the first thing it does if check if access_…

Read More