Re: verify_area()

Nathan Bryant (
Sun, 8 Dec 1996 10:16:28 -0500 (EST)

Okay, here's one I think I can answer. If I'm off base, let me know...

On Sun, 8 Dec 1996, Russell Berry wrote:

> I remember some blurb from linus (our saviour) about the verify_area()
> going away in the 2.1 series. With my newly compiled kernel, I did in
> fact experience this first hand when trying to recompile dosemu and
> ibcs.
> I haven't sifted through the verify_area() code well enough to claim a
> complete understanding of its function. But I'm assuming here that its
> dissappearance means that the new kernel's hard coded kernel/user space
> boundaries are now controlling the late call's functionality. Am I off
> track here??
> If this is the case, in such programs that make the call, what shall one
> do in its place? Negate the entire routine and assume lower level
> processes
> will do the right thing with our memory and data? I'm not looking for a
> complete course on kernel hacking here, just a brief description, or a
> pointer to a more in depth discussion on this particular change and its
> ramifications on the above mentioned programs, and I suppose other
> programs
> at that.

[Deep breath] What verify_area() did in kernels up to 2.0.x was to check
if a pointer that was passed to the kernel by a user-level process was
actually a valid pointer, and accessible to that process. Obviously, we
can't have the kernel dereferencing invalid pointers; that would result in
security holes and general instability.

The downside to verify_area() is that it imposes an additional calculation
on every system call where a pointer is involved. In almost all cases,
this calculation isn't needed because the pointer is valid anyway.

So, in the 2.1.x series, verify_area() has been removed, and replaced by a
new exception-handling mechanism. What this means is, the kernel runs with
the MMU page tables set such that if it tries to access memory outside of
the current process, a page fault will occur. So invalid pointers are
handled in hardware instead of software.

As for what to do with kernel code which uses verify_area(), you should
just be able to remove (or #if out) the calls to verify_area(), and if you
access any invalid pointers, the page fault mechanism will take care of
it, and kill the offending process with a SIGSEGV.

Note that iBCS is currently broken on 2.1.x, so don't bother compiling it
unless you want to try to fix it ;-) And dosemu has been redesigned to use
kernel patches instead of emumodule. If I remember correctly it's already
been updated for 2.1.x; get the latest version from

| Nathan Bryant | Resident Unix Geek |
| | Burgess Business Solutions, Inc. |