What is the point of using the linux macro access_ok()
I've been doing some research and I'm a little confused about this macro. Hopefully someone can give me some guidance. I have some ioctl code (which I've inharented, not written) and the first thing it does if check if access_ok() before moving on to copying data over from user space:
if(! access_ok(VERIFY_READ, (void *)arg, sizeof(Message_par_t)))
if(! access_ok(VERIFY_WRITE, (void *)arg, sizeof(Message_par_t)))
argp = &Command;
__lddk_copy_from_user( (void *) argp,(Command_par_t *) arg, sizeof(Command_par_t));
So the code works just fine, but I'm not sure it's needed. The first question comes from this description of access_ok's return:
"The function returns non-zero if the region is likely accessible (though access may still result in -EFAULT). This function simply checks that the address is likely in user space, not in the kernel."
So this means that it really does nothing more then make sure the pointer we're checking against is probably initialized in user space? Since we know that we couldn't come into thsi function other than a user space call, and it couldn't happen unless we opened a valid file descriptor to this device, is this really needed? Is it really any safer then just making sure we didn't get a NULL pointer?
Second question comes from this description:
"The type argument can be specified as VERIFY_READ or VERIFY_WRITE. The VERIFY_WRITE symbolic also identifies whether the memory region is readable as well as writable."
Does this mean the first check in my code is redundant? If we're going to check for a writable area we get readable as a free-be?