I am developing a Solaris driver for a custom-made IO card. I have a simple question. I have completed development and provide an entry point for pread in the driver. When a legal user space address is passed to pread, everything is fine and data is read correctly. But when an illegal address buffer is passed to the driver, the kernel panics and the system is restarted.
I handle NULL pointers in the driver, but how can the driver check/recover or just create a segmentation fault without a kernel panic when pread is called to read from the device to a user space buffer that is a non-NULL illegal address? This problem is applicable to pwrite also, by the way.
Thanks in advance.
Hi, actually I am not using ddi_copyin or out.
I read the man page for ddi_copyin but couldn't find how to match the parameters of the read/write entry points, e.g. struct uio, to ddi_copyin.
For pwrite I am using uiomove to copy user data to kernel space, then copying the data to the device with ddi_put32. For pread I am doing it the opposite way.
uiomove is the point where the kernel panics, I guess.
I tried uwritec and ureadc instead of uiomove; nothing different...
No, actually that is not the case. In my case seg_flg is UIO_USERSPACE, which is set by the system (transfer between user and kernel). No conflict on that. The problem is that if the user space buffer is an invalid address, uiomove panics the system.
I guess it has nothing to do with that. I will have to rewrite my read/write over the ioctl entry point and hope that ddi_copyin/out won't panic the kernel, or just live with that weird situation and be careful while calling pread/pwrite on the application side :)
OK, problem solved. The problem had nothing to do with the wrong address. Apparently my driver mistakenly re-calls mutex_exit, and the kernel panics because of that.
I have a related question. For passing data to kernel space I tried uiomove and ddi_copyin and saw that ddi_copyin is much slower than uiomove (20 microseconds vs 150 microseconds). Is this normal?