"During system calls, the user mode thread’s access to the system call and
the *passed-in parameters are all validated*."
I think this is a fine thing to do and would welcome such checks into
the OS. We would have to be careful. In the case of read(), for example:
ssize_t read(int fd, FAR void *buf, size_t nbytes);
The read logic is also used by the OS internally, so the check would
have to be implemented such that the kernel can still modify kernel
memory. But that is pretty easy: The kernel does not use read()
directly. The kernel will use nx_read() or, more likely file_read().
So only user code would actually call read(). read() is just a stub
around nx_read() that handles cancellation points and sets the errno
value. So it would be the perfect place to add a check if the 'buf'
resides in kernel memory. If so, return error.
Greg
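One way the check described above could look, as an added example that is not Greg's code and not NuttX's own implementation: the kernel memory window (EXAMPLE_KERNEL_BASE/EXAMPLE_KERNEL_END), the stand-in example_nx_read() that replaces the real nx_read(), the choice of EFAULT as the error, and the constructed "file" contents are all assumptions made here so the code runs stand-alone. The cancellation-point handling that the real read() stub performs is left out.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Assumed kernel RAM window for this example. These bounds are constructed
 * for illustration and are not NuttX's real memory layout. The window is
 * [EXAMPLE_KERNEL_BASE, EXAMPLE_KERNEL_END), i.e. the end is exclusive. */
#define EXAMPLE_KERNEL_BASE ((uintptr_t)0x20000000u)
#define EXAMPLE_KERNEL_END  ((uintptr_t)0x20040000u)

/* Return 1 if [buf, buf + nbytes) lies entirely outside kernel memory,
 * 0 if any byte of it would land in the kernel window or the range is
 * malformed (address arithmetic wraps around). */
int example_buffer_is_user(const void *buf, size_t nbytes)
{
  uintptr_t start = (uintptr_t)buf;
  uintptr_t end;

  if (nbytes == 0)
    {
      return 1;   /* A zero-length read writes nothing (assumption: allow it) */
    }

  if (nbytes > UINTPTR_MAX - start)
    {
      return 0;   /* start + nbytes would wrap; treat as invalid */
    }

  end = start + nbytes;   /* exclusive */

  /* Half-open intervals overlap iff each starts before the other ends */
  if (start < EXAMPLE_KERNEL_END && end > EXAMPLE_KERNEL_BASE)
    {
      return 0;
    }

  return 1;
}

/* Hypothetical stand-in for nx_read(): copies from a constructed buffer so
 * the example is self-contained. Like the nx_ interfaces it returns a
 * negated errno on failure. fd 3 is the only "open" descriptor here. */
static const char example_file_data[] = "hello, world";

ssize_t example_nx_read(int fd, void *buf, size_t nbytes)
{
  size_t avail = sizeof(example_file_data) - 1;
  size_t n = nbytes < avail ? nbytes : avail;

  if (fd != 3)
    {
      return -EBADF;
    }

  memcpy(buf, example_file_data, n);
  return (ssize_t)n;
}

/* The user-facing stub with the proposed check added: reject a buffer that
 * resides in kernel memory before entering the kernel, and otherwise
 * translate the negated errno from example_nx_read() into errno/-1 the way
 * the real read() stub does. (Cancellation-point handling omitted.) */
ssize_t example_read(int fd, void *buf, size_t nbytes)
{
  ssize_t ret;

  if (!example_buffer_is_user(buf, nbytes))
    {
      errno = EFAULT;   /* assumption: EFAULT for a bad user buffer */
      return -1;
    }

  ret = example_nx_read(fd, buf, nbytes);
  if (ret < 0)
    {
      errno = (int)-ret;
      return -1;
    }

  return ret;
}

/* A user buffer that is certainly not in the constructed kernel window */
static char example_user_buf[32];

int main(void)
{
  ssize_t n = example_read(3, example_user_buf, sizeof(example_user_buf));
  printf("user buffer: ret=%zd\n", n);

  n = example_read(3, (void *)(uintptr_t)0x20001000u, 16);
  printf("kernel buffer: ret=%zd errno=%d (EFAULT=%d)\n", n, errno, EFAULT);
  return 0;
}
```

The overlap test uses half-open intervals, so a buffer that ends exactly at EXAMPLE_KERNEL_BASE is accepted while one that extends a single byte into the window is rejected; the wraparound guard matters because a huge nbytes with a low start address would otherwise compute an end below the window and slip past the check.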