From owner-freebsd-questions@FreeBSD.ORG Mon Feb 1 08:12:11 2010
Return-Path:
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 05828106566C for ; Mon, 1 Feb 2010 08:12:11 +0000 (UTC) (envelope-from furukawa@itslab.csce.kyushu-u.ac.jp)
Received: from itslab.csce.kyushu-u.ac.jp (itslab.csce.kyushu-u.ac.jp [133.5.17.190]) by mx1.freebsd.org (Postfix) with ESMTP id A56AB8FC1C for ; Mon, 1 Feb 2010 08:12:10 +0000 (UTC)
Received: from d17-098.csce.kyushu-u.ac.jp (d17-098.csce.kyushu-u.ac.jp [133.5.17.98]) by itslab.csce.kyushu-u.ac.jp (8.13.4/8.13.4) with ESMTP id o117uVFG005718 for ; Mon, 1 Feb 2010 16:56:32 +0900 (JST)
Message-ID: <4B66892F.3040105@itslab.csce.kyushu-u.ac.jp>
Date: Mon, 01 Feb 2010 16:56:31 +0900
From: Jun Furukawa
User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812)
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: How can I copy the data of buf in kernel space to the uio structure in user space.
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Mon, 01 Feb 2010 08:12:11 -0000

Hi,

For my research, I am now hooking the function vn_write(). This is part of the source code.
#include /* module */
#include /* module */
#include /* module */
#include /* size_t, copystr */
#include /* copystr */
#include /* struct thread */
#include /* vnops */
#include /* msdosfs_vnodeops */

int fo_write_hook(struct file *fp, struct uio *uio, struct ucred *active_cred,
    int flags, struct thread *td);
typedef int (*fow_t)(struct file*, struct uio*, struct ucred*, int flags,
    struct thread*);
fow_t old_fo_write;

static char mybuf[256+1];
static size_t len;

/* vn_write hook */
int
vn_write_hook(struct file *fp, struct uio *uio, struct ucred *active_cred,
    int flags, struct thread *td)
{
    ...
    int error;

    memset(&mybuf, '\0', 257);
    error = copyinstr(uio->uio_iov->iov_base, mybuf, 256, &len);
    if (error != 0) {
        uprintf("Cannot write data to kernel space\n");
    }

    /* encrypt the data by Caesar algorithm */
    for (int i = 0; i < len ; i++)
        mybuf[i] += 3;

    error = copystr(&mybuf, uio->uio_iov->iov_base, 257, &len);
    if (error != 0) {
        uprintf("Cannot write data to user space\n");
    }
    ...
    return (old_vn_write(fp, uio, active_cred, flags, td));
}

This software is implemented as a kernel module. After I installed this software and executed the cp command, the vn_write_hook function is executed. However, when copystr(&mybuf, uio->uio_iov->iov_base, 257, &len) is executed, the kernel panics.

I referenced /usr/share/examples/kld/cdev/module/cdev.c when writing the part of the program that copies a buffer in kernel space to a buf in a user space program. However, as we have seen, this doesn't work properly.

How can I solve this problem? Please give me your help.

--Jun Furukawa
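Added example, not part of the original post: copystr(9) copies between two kernel addresses, while copyin(9) and copyout(9) are the routines that cross the user/kernel boundary and return EFAULT for a bad user address. The sketch below shows the copyin, transform, copyout pattern with a byte count taken from the iovec instead of a NUL terminator. It is written to run in userland, so shift_iov, struct iov, enum seg, user_mem and the copyin/copyout stand-ins are all hypothetical names introduced here.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userland stand-ins (assumptions) so the logic runs outside a kernel.
 * In a module, delete them and use copyin(9)/copyout(9) from <sys/systm.h>. */
enum seg { SEG_USER, SEG_SYS };          /* models uio_segflg */
struct iov { void *base; size_t len; };  /* models struct iovec */
static char user_mem[600];               /* constructed "user address space" */

static int in_user(const void *p, size_t n) {
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)user_mem, hi = lo + sizeof(user_mem);
    return a >= lo && a <= hi && n <= hi - a;
}
static int copyin(const void *u, void *k, size_t n) {
    if (!in_user(u, n)) return EFAULT;   /* error code instead of a trap */
    memcpy(k, u, n); return 0;
}
static int copyout(const void *k, void *u, size_t n) {
    if (!in_user(u, n)) return EFAULT;
    memcpy(u, k, n); return 0;
}

/* Add 3 to every byte of one iovec, as the loop in the post does. */
static int shift_iov(struct iov *v, enum seg seg) {
    char kbuf[256], *p;
    size_t off, n, i;
    int error;
    for (off = 0; off < v->len; off += n) {
        n = v->len - off < sizeof(kbuf) ? v->len - off : sizeof(kbuf);
        p = (char *)v->base + off;
        if (seg == SEG_SYS) {            /* kernel-owned buffer: touch directly */
            for (i = 0; i < n; i++) p[i] += 3;
            continue;
        }
        if ((error = copyin(p, kbuf, n)) != 0)  /* byte count, not copyinstr */
            return error;                       /* stop on a fault */
        for (i = 0; i < n; i++) kbuf[i] += 3;
        if ((error = copyout(kbuf, p, n)) != 0) /* copystr is kernel-to-kernel */
            return error;
    }
    return 0;
}

int main(void) {
    struct iov v = { user_mem, 5 };
    memcpy(user_mem, "hello", 5);        /* constructed sample data */
    return printf("%d %.5s\n", shift_iov(&v, SEG_USER), user_mem) < 0;
}
```

In a real hook the same routine would be applied to each of the uio->uio_iovcnt entries of uio->uio_iov, with the branch chosen from uio->uio_segflg (UIO_USERSPACE or UIO_SYSSPACE).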