use of __force_user in place of __user

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

use of __force_user in place of __user

Postby johnspaul92 » Wed May 29, 2013 4:01 am

In the function Init/main.c the GrSecurity patch modifies
if (sys_access((const char __user *) ramdisk_execute_command, 0) != 0)
as
if (sys_access((const char __force_user *) ramdisk_execute_command, 0) != 0)
What is the use of __force here???
And it is showing an error for me during building process. Iam actually trying to apply these patches on kernel 3.10
johnspaul92
 
Posts: 6
Joined: Mon May 27, 2013 4:17 am

Re: use of __force_user in place of __user

Postby PaX Team » Wed May 29, 2013 5:20 am

johnspaul92 wrote:What is the use of __force here???
__user, __force and others are annotations used by the sparse checker. some time ago i wrote a simple gcc plugin that tried to use the then nascent address space support in gcc to simulate the behaviour of sparse and some of these annotations. one problem i ran into at the time was that i needed a single annotation for the __force __user and similar combinations and had to introduce __force_user (and others) for this reason. on non-sparse compilations or where this plugin is not enabled (and by default it isn't, there's not even a config option for it as it's so experimental, pass CONFIG_CHECKER_PLUGIN=y to make to enable it but don't expect it to get far) these annotations are defined away so you should not see any problems from their presence.
And it is showing an error for me during building process. Iam actually trying to apply these patches on kernel 3.10
you can't apply a patch meant for 3.9 or earlier to work on 3.10, our code needs proper porting which is a non-trivial effort as you no doubt figured it out since ;).
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm


Return to grsecurity support