Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Put an unmapped page below the kernel stack (and above struct user) to

Browse Source 
catch kernel stack overflows. This bumps UPAGES from 2 to 4 (one unmapped),
because struct user take 1 page then there's the unmapped page, and
then the 2 pages for the kernel stack. If the NOREDZONE option is
set, UPAGES is 2 as before, and no unmapped page is used.
This commit is contained in:
fvdl 2002-10-06 12:35:16 +00:00
parent 7d7fc4e3d8
commit 14c70e4627
1 changed files with 23 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
sys/arch/i386/i386/vm_machdep.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vm_machdep.c,v 1.103 2002/10/01 12:57:02 fvdl Exp $ */
/* $NetBSD: vm_machdep.c,v 1.104 2002/10/06 12:35:16 fvdl Exp $ */
/*-
* Copyright (c) 1995 Charles M. Hannum. All rights reserved.
@ -46,11 +46,12 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.103 2002/10/01 12:57:02 fvdl Exp $");
__KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.104 2002/10/06 12:35:16 fvdl Exp $");
#include "opt_user_ldt.h"
#include "opt_largepages.h"
#include "opt_mtrr.h"
#include "opt_noredzone.h"
#include <sys/param.h>
#include <sys/systm.h>
@ -73,7 +74,9 @@ __KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.103 2002/10/01 12:57:02 fvdl Exp $"
#include "npx.h"
void setredzone __P((u_short *, caddr_t));
#ifndef NOREDZONE
static void setredzone __P((struct proc *p));
#endif
/*
* Finish a fork operation, with process p2 nearly set up.
@ -147,6 +150,9 @@ cpu_fork(p1, p2, stack, stacksize, func, arg)
p2->p_md.md_regs = tf = (struct trapframe *)pcb->pcb_tss.tss_esp0 - 1;
*tf = *p1->p_md.md_regs;
#ifndef NOREDZONE
setredzone(p2);
#endif
/*
* If specified, give the child a different stack.
*/
@ -161,6 +167,15 @@ cpu_fork(p1, p2, stack, stacksize, func, arg)
pcb->pcb_ebp = 0;
}
void
cpu_swapin(p)
struct proc *p;
{
#ifndef NOREDZONE
setredzone(p);
#endif
}
void
cpu_swapout(p)
struct proc *p;
@ -281,23 +296,15 @@ cpu_coredump(p, vp, cred, chdr)
return 0;
}
#if 0
#ifndef NOREDZONE
/*
* Set a red zone in the kernel stack after the u. area.
*/
void
setredzone(pte, vaddr)
u_short *pte;
caddr_t vaddr;
static void
setredzone(struct proc *p)
{
/* eventually do this by setting up an expand-down stack segment
for ss0: selector, allowing stack access down to top of u.
this means though that protection violations need to be handled
thru a double fault exception that must do an integral task
switch to a known good context, within which a dump can be
taken. a sensible scheme might be to save the initial context
used by sched (that has physical memory mapped 1:1 at bottom)
and take the dump while still in mapped mode */
pmap_remove(pmap_kernel(), (vaddr_t)p->p_addr + PAGE_SIZE,
(vaddr_t)p->p_addr + 2 * PAGE_SIZE);
}
#endif