9

I have a Linux kernel module that during it's initilisation routine writes a struct, 4KB in size into kernel memory. What I would like to do is make this memory shared, so that a single userspace process can have read-only access to this struct.

I've been told to avoid using IOCTLS as they aren't the best way to go about doing this, so from what I've read the best way to do it would be to use the function mmap, however I'm a bit confused over how to implement what I need in C.

I did look at using the function shmget, but it seems that this is designed for userspace apps that need IPC functionality.

Any advice, or even better a simple example would be greatly appreciated.

Thanks!

Tony
  • 3,587
  • 8
  • 44
  • 77

1 Answers1

0

You cannot do this securely with a direct access mechanism like mmap, because then anyone can use it.

In Linux, user memory and kernel memory are independent and implemented in separate address spaces. The address spaces are virtualized, meaning that the addresses are abstracted from physical memory. Because the address spaces are virtualized, many can exist. In fact, the kernel itself resides in one address space, and each process resides in its own address space. These address spaces consist of virtual memory addresses, permitting many processes with independent address spaces to refer to a considerably smaller physical address space (the physical memory in the machine). Not only is this convenient, but it's also secure, because each address space is independent and isolated and therefore secure.

But there's a cost associated with this security. Because each process (and the kernel) can have identical addresses that refer to different regions of physical memory, it's not immediately possible to share memory. (source)

auselen
  • 27,577
  • 7
  • 73
  • 114