[Xenomai] SMAP-detected direct userspace access

Jan Kiszka jan.kiszka at siemens.com
Fri Dec 18 17:23:55 CET 2015


Hi all,

I know this is legacy code, but this is where we currently stumbled into
it, and maybe the same pattern also exists in 3.x:

http://git.xenomai.org/xenomai-2.6.git/tree/ksrc/skins/posix/syscall.c#n1182

more precisely:

    return pse51_mutex_check_init(&umx->shadow_mutex, attr);

Here we pass the userspace object for initialization to the core instead
of handing over the kernel shadow and then copying over the result. Is
there a reason for this? Could we have more of such cases?

Background: SMAP detects and prevents any direct userspace memory access
on x86 except for those that are wrapped in stac() and clac() (which
toggle a bit in eflags). Generally a useful feature we should allow to
be enabled for robustness reasons.

Thanks,
Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux
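To make the distinction in the mail concrete, here is an added user-space model (not Xenomai code; the structure, the `MUTEX_MAGIC` value, the `user_page` buffer and all function names are constructed for illustration) of what SMAP checks. A flag stands in for EFLAGS.AC, a small buffer stands in for user memory, and every access in the model goes through a check that counts a fault whenever supervisor code touches user memory with the flag clear. The direct pattern hands the user object to the core and trips the check; the shadow pattern copies in, initialises the kernel copy, and copies the result back, so the only user accesses happen inside stac()/clac().

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MUTEX_MAGIC 0x86860303u   /* constructed value, not the real pse51 magic */

/* Hypothetical stand-in for the shadow mutex shared with userspace. */
struct shadow_mutex {
    uint32_t magic;
    uint32_t owner;
};

/* Constructed "user page": anything inside this buffer counts as user memory. */
static unsigned char user_page[64];

/* Model of EFLAGS.AC: the supervisor may touch user memory only while it is set. */
static bool ac_flag = false;
static int smap_faults = 0;        /* accesses that real SMAP would turn into #PF */

static void stac(void) { ac_flag = true; }
static void clac(void) { ac_flag = false; }

static bool is_user_ptr(const void *p) {
    const unsigned char *c = p;
    return c >= user_page && c < user_page + sizeof user_page;
}

/* The check the CPU performs on every supervisor access in this model. */
static void *smap_check(void *p) {
    if (is_user_ptr(p) && !ac_flag)
        smap_faults++;
    return p;
}

/* Minimal copy helpers: access_ok() stand-in, then the access wrapped in stac/clac. */
static int copy_from_user(void *dst, const void *usrc, size_t n) {
    if (!is_user_ptr(usrc))
        return -EFAULT;
    stac();
    memcpy(dst, smap_check((void *)usrc), n);
    clac();
    return 0;
}

static int copy_to_user(void *udst, const void *src, size_t n) {
    if (!is_user_ptr(udst))
        return -EFAULT;
    stac();
    memcpy(smap_check(udst), src, n);
    clac();
    return 0;
}

/* Core initialisation: written for kernel memory, knows nothing about SMAP. */
static int mutex_check_init(struct shadow_mutex *mx) {
    struct shadow_mutex *m = smap_check(mx);
    if (m->magic == MUTEX_MAGIC)
        return -EBUSY;             /* already initialised */
    m->magic = MUTEX_MAGIC;
    m->owner = 0;
    return 0;
}

/* The pattern the mail points at: the user object goes straight to the core. */
static int syscall_init_direct(struct shadow_mutex *umx) {
    return mutex_check_init(umx);
}

/* Shadow pattern: copy in, work on the kernel copy, copy the result back. */
static int syscall_init_shadow(struct shadow_mutex *umx) {
    struct shadow_mutex kmx;
    int ret;
    ret = copy_from_user(&kmx, umx, sizeof kmx);
    if (ret)
        return ret;
    ret = mutex_check_init(&kmx);
    if (ret)
        return ret;
    return copy_to_user(umx, &kmx, sizeof kmx);
}

/* Runs one variant against a zeroed user object and returns the faults it caused;
   the syscall's own return value is stored in *ret_out. */
static int run(int (*syscall)(struct shadow_mutex *), int *ret_out) {
    struct shadow_mutex *umx = (struct shadow_mutex *)user_page;
    memset(user_page, 0, sizeof user_page);
    smap_faults = 0;
    *ret_out = syscall(umx);
    return smap_faults;
}

int main(void) {
    int ret;
    printf("direct: faults=%d ret=%d\n", run(syscall_init_direct, &ret), ret);
    printf("shadow: faults=%d ret=%d\n", run(syscall_init_shadow, &ret), ret);
    return 0;
}
```

Both variants leave the user object initialised; the difference is only visible in the fault counter, which is exactly why such a pattern survives until SMAP is enabled. The shadow variant also gives the core a stable copy to work on, so a second task changing the user memory during initialisation cannot affect the kernel's view.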