i meant that, if userspace wants to read some kernel memory, it can pass
the kernel pointer to eg. write system call as the buffer argument,
and then read the contents of the file.
I guess I still don't understand. Access is still via file descriptor.
You could certainly clobber kernel memory with a read in that way. But
it is not clear how you could read the kernel memory into user space.
my question was if these kinds of checks were for some reasons considered
unnecessary for nuttx.
At this point, there were never considered at all. Whenever I find
security issues in PROTECTED builds, I add that to the TODO list (if I
don't fix them).
Greg
