Orion

diff --git a/mem/user.c b/mem/user.c
new file mode 100644
index 0000000..b9ed273
--- /dev/null
+++ b/mem/user.c
@@ -0,0 +1,37 @@
+/*
+ * This file handles safely getting data from userspace for the Kernel.  This is
+ * for security reasons to prevent the user from tricking a syscall into
+ * manipulating/leaking Kernel data structures.  User memory is defined as any
+ * address range that completely sits in a Virtual Memory Region.
+ */
+
+#include <stdint.h>
+#include <string.h>
+#include "vm.h"
+#include "../task/task.h"
+
+/* User can read this address */
+int
+verify_access(const void *addr, size_t len, int prot)
+{
+	if (!in_syscall() || !addr || !len)
+		return 1;
+
+	/* Iterate all user memory regions */
+	VMRegion *head;
+	for (head = current->vm->regions; head; head = head->next) {
+		if ((uintptr_t) addr >= head->start
+		 && ((uintptr_t) addr + len) < head->end)
+			break;
+	}
+	if (!head) {
+		head = current->stack;
+		if ((uintptr_t) addr < head->start
+		 || ((uintptr_t) addr + len) >= head->end)
+			head = NULL;
+	}
+	/* No fitting region */
+	if (!head)
+		return 0;
+	return (head->prot & prot);
+}