Posted to dev@nuttx.apache.org by Jukka Laitinen <ju...@ssrc.tii.ae> on 2021/02/09 10:32:14 UTC

strdup & free in protected build

Hi,

I think that there is the following weirdness in strdup:

The function is made to allocate memory from kernel or user-space heap 
according to where it is used, via lib_malloc.

But there is no similar transparent way to free the memory. Normally, 
when using strdup, you'd simply use "free", as also instructed in the Linux 
man page. But this would, of course, in a protected build always try to 
free it from the user-space heap. Doing this is extremely bad, as not 
only does it not free anything, it also leaves the kernel-side pointer 
in the user-side heap's nodelist, and may give that to someone else. Just 
spent half a day debugging a crash because of this...

Now, as long as you know where your data is, this is perhaps not a 
problem. It is always possible to just call either free or kmm_free (or 
via the lib_free macro). But strdup may also be baked into a library or 
a C++ class which is intended to be used on both sides.

I wonder if there is some nice way to avoid this kind of asymmetry?

br,

Jukka Laitinen
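
A toy model of the mismatch described in the message above, added here as an example; it is not part of the original post and not NuttX code. The two arenas and the names `heap_member`, `checked_free` and `user_free_unchecked` are hypothetical: the unchecked free links a kernel-heap block into the user heap's free list, while the checked free looks up the owning heap first.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed toy model, not NuttX code: two arenas model kernel and user heaps. */
enum { BLK = 32, NBLK = 8 };
struct heap { uint8_t mem[BLK * NBLK]; size_t next; void *freelist; };
static struct heap g_kheap, g_uheap;
static void *heap_alloc(struct heap *h) {
    if (h->freelist) {                      /* reuse a freed block first */
        void *p = h->freelist;
        memcpy(&h->freelist, p, sizeof(void *));
        return p;
    }
    return h->next < NBLK ? &h->mem[BLK * h->next++] : NULL;
}
static void heap_push(struct heap *h, void *p) {   /* link p into h's free list */
    memcpy(p, &h->freelist, sizeof(void *));
    h->freelist = p;
}
static bool heap_member(const struct heap *h, const void *p) {
    uintptr_t a = (uintptr_t)p, b = (uintptr_t)h->mem;
    return a >= b && a < b + sizeof h->mem;
}
static char *dup_into(struct heap *h, const char *s) {  /* strdup stand-in */
    char *p = strlen(s) < BLK ? heap_alloc(h) : NULL;
    return p ? strcpy(p, s) : NULL;
}
/* Mismatched free: assumes every pointer belongs to the user heap. */
static void user_free_unchecked(void *p) { heap_push(&g_uheap, p); }
/* Ownership-checked free: route to the owning heap, refuse foreign pointers. */
static bool checked_free(void *p) {
    struct heap *h = heap_member(&g_kheap, p) ? &g_kheap
                   : heap_member(&g_uheap, p) ? &g_uheap : NULL;
    if (h) heap_push(h, p);
    return h != NULL;
}
/* True if the next user-side allocation returns a kernel-heap address. */
static bool user_gets_kernel_block(bool checked) {
    memset(&g_kheap, 0, sizeof g_kheap);
    memset(&g_uheap, 0, sizeof g_uheap);
    char *k = dup_into(&g_kheap, "kernel string");
    if (checked) checked_free(k); else user_free_unchecked(k);
    return heap_member(&g_kheap, heap_alloc(&g_uheap));
}
int main(void) {
    int bad = user_gets_kernel_block(false), ok = user_gets_kernel_block(true);
    printf("unchecked=%d checked=%d\n", bad, ok);
    return 0;
}
```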