data_access_validation(3K) DG/UX 5.4R3.00 data_access_validation(3K)
NAME
dataaccessvalidation: uacreadstringfromuser,
uacreadbytesfromuser, uacwritebytestouser,
uacwritestringtouser, psmforcedataaccessorder,
psmstopspeculativeexecution - verify pointers to data buffers
SYNOPSIS
#include "/usr/src/uts/aviion/ii/isc.h"
#include "/usr/src/uts/aviion/ii/ipsm.h"
#include "/usr/src/uts/aviion/ii/iuac.h"
void psmforcedataaccessorder (void)
statustype uacreadbytesfromuser (sourceptr, destptr, count)
pointertoanytype sourceptr; /*READ ONLY*/
pointertoanytype destptr; /*READ ONLY*/
uint32type count; /*READ ONLY*/
statustype uacreadstringfromuser (sourceptr, destptr,
countptr)
pointertoanytype sourceptr; /*READ ONLY*/
pointertoanytype destptr; /*READ ONLY*/
uint32ptrtype countptr; /*READ ONLY*/
void psmstopspeculativeexecution (void)
statustype uacwritebytestouser (sourceptr, destptr, count)
pointertoanytype sourceptr; /*READ ONLY*/
pointertoanytype destptr; /*READ ONLY*/
uint32type count; /*READ ONLY*/
statustype uacwritestringtouser (sourceptr, destptr)
pointertoanytype sourceptr; /*READ ONLY*/
pointertoanytype destptr; /*READ ONLY*/
where:
count The number of bytes to be moved.
countptr On input, a pointer to the maximum number of bytes to be
read from the source. On return, a pointer to the actual
number of bytes read, including the null, if any.
destptr Pointer to the location to which data is to be moved.
sourceptr Pointer to the location from which data is to be moved.
DESCRIPTION
The following routines are described in this man page:
uacreadbytesfromuser Move number of bytes from user to
kernel address space
uacreadstringfromuser Move byte string from user to kernel
address space
uacwritebytestouser Move number of bytes from kernel space
to user address space
uacwritestringtouser Move byte string from kernel to user
address space
psmforcedataaccessorder Force memory references to occur in
Licensed material--property of copyright holder(s) 1
data_access_validation(3K) DG/UX 5.4R3.00 data_access_validation(3K)
programmed order
psmstopspeculativeexecution
Discontinue speculative execution
NOTE: Since STREAMS modules and drivers don't
have user contexts, these routines
cannot be used within them.
Overview to Using User Data Access Validation Routines
Routines in this subsection are used to transfer data between user
memory and kernel memory.
Note both uacreadbytesfromuser and uacwritebytestouser may
fail if a paging I/O error occurs while the copy is in progress.
This may happen even if a range of addresses has been validated. For
this reason, it is important that drivers check the return status
from uacreadbytesfromuser and uacwritebytestouser. If the
validation fails, drivers should abort the system call with an EFAULT
status.
At the kernel level, you should be careful to read a given byte of
user space memory only once during a particular system call. If the
user space is part of shared memory, the memory may change between a
first read and a second read. Similarly, you should write to a given
byte of user space memory only once during a particular system call.
Double writing may produce inconsistent results if another process is
reading the memory as part of a shared memory area.
You can also use uacreadstringfromuser to copy character strings
from user space, and uacwritestringtouser to copy character
strings to user space. In these routines, the copy is terminated
when a null character is encountered or a maximum number of
characters has been copied. The string routines must be used when
accessing strings to avoid a double read: one read to find the end of
the string for validating the access and a second to actually read in
the string.
Constants and Data Structures
The constants and data structures used for data access validation are
defined in the include file cited in the SYNOPSIS section.
Try to avoid dependencies on the specifics of these structures, such
as size or location of fields, because these specifics may change in
later releases of the software. You can verify exact variable
definitions in the include file. The best way to avoid such
dependencies is to use kernel-supplied routines to manipulate these
structures.
psmforcedataaccessorder
This routine forces memory references to occur in the programmed
order.
All memory references that occur in the code stream before this call
must go to memory before any memory references that occur in the code
Licensed material--property of copyright holder(s) 2
data_access_validation(3K) DG/UX 5.4R3.00 data_access_validation(3K)
stream after this call. As such, this call is a single serialization
point in the code stream. This call does not require that the memory
references preceding it actually complete--it only requires that they
be ordered before any subsequent memory references. Hence this call
does not guarantee that all outstanding data access exceptions will
have occurred.
This call does not affect the ordering of memory references made
after the call, and so has no long term effect. It is only a single
serialization point.
uacreadbytesfromuser
This routine moves the specified number of bytes from the user's
address space to the kernel address space. The specified number of
bytes are moved from the source to the destination.
uacreadstringfromuser
This routine moves bytes from the user's address space to the kernel
address space up to and including the first null byte in the source
string or until the specified number of bytes has been moved.
psmstopspeculativeexecution
This routine forces speculative execution to be discontinued.
Speculative execution of this code stream is discontinued. Once the
conditional branch that originated the speculative execution has been
resolved, execution will continue after this call if the branch was
correctly predicted. If the branch was incorrectly predicted, this
code path will be abandoned.
This call does not affect new speculative execution paths started
after the call, and so has no long-term effect. It is only a single
serialization point.
uacwritebytestouser
This routine moves the specified number of bytes from the kernel
address space to the user's address space. The specified number of
bytes are moved from the source to the destination.
uacwritestringtouser
This routine moves bytes from the kernel address space to the user's
address space up to and including the first null byte in the source
string.
DIAGNOSTICS
Return Value
For uacreadbytesfromuser:
OK The bytes were successfully read from the user address
space into kernel address space.
other error statuses
The bytes could not be read because of an error. The
specific list of possible errors is too long to give
here. You can decode any status returned here using
the error status decoding methods described in the
Licensed material--property of copyright holder(s) 3
data_access_validation(3K) DG/UX 5.4R3.00 data_access_validation(3K)
statuscodemacros(3K) man page.
For uacreadstringfromuser:
OK The transfer was successful and the destination is null
terminated.
SCEFAULTSTRINGTOOLONG
The string was too long for the specified length
buffer. The transfer is terminated prematurely and the
destination is not null terminated.
other error statuses
Other return values may be simulated by the data access
exception handlers.
For uacwritebytestouser:
OK The bytes were successfully written to the user's
address space.
other error statuses
The bytes could not be written because of an error.
The specific list of possible errors is too long to
give here. You can decode any status returned here
using the error status decoding methods described in
the statuscodemacros(3K) man page.
For uacwritestringtouser:
OK The bytes were successfully written to the user's
address space.
other error statuses
The bytes could not be written because of an error.
The specific list of possible errors is too long to
give here. You can decode any status returned here
using the error status decoding methods described in
the statuscodemacros(3K) man page.
For the other routines: none.
Errors
None.
SEE ALSO
statuscodemacros(3K).
Programming in the DG/UX Kernel Environment.
Licensed material--property of copyright holder(s) 4