From 14c70e46274ec2ec6ab402f2a02d1beab0f41639 Mon Sep 17 00:00:00 2001
From: fvdl
Date: Sun, 6 Oct 2002 12:35:16 +0000
Subject: [PATCH] Put an unmapped page below the kernel stack (and above struct user) to catch kernel stack overflows. This bumps UPAGES from 2 to 4 (one unmapped), because struct user take 1 page then there's the unmapped page, and then the 2 pages for the kernel stack. If the NOREDZONE option is set, UPAGES is 2 as before, and no unmapped page is used.
---
 sys/arch/i386/i386/vm_machdep.c | 39 +++++++++++++++++++--------------
 1 file changed, 23 insertions(+), 16 deletions(-)
diff --git a/sys/arch/i386/i386/vm_machdep.c b/sys/arch/i386/i386/vm_machdep.c
index 2f64fbd0e9a5..3acf2130d669 100644
--- a/sys/arch/i386/i386/vm_machdep.c
+++ b/sys/arch/i386/i386/vm_machdep.c
@@ -1,4 +1,4 @@
-/* $NetBSD: vm_machdep.c,v 1.103 2002/10/01 12:57:02 fvdl Exp $ */
+/* $NetBSD: vm_machdep.c,v 1.104 2002/10/06 12:35:16 fvdl Exp $ */
 /*-
 * Copyright (c) 1995 Charles M. Hannum. All rights reserved.
@@ -46,11 +46,12 @@
 */
 #include
-__KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.103 2002/10/01 12:57:02 fvdl Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.104 2002/10/06 12:35:16 fvdl Exp $");
 #include "opt_user_ldt.h"
 #include "opt_largepages.h"
 #include "opt_mtrr.h"
+#include "opt_noredzone.h"
 #include
 #include
@@ -73,7 +74,9 @@ __KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.103 2002/10/01 12:57:02 fvdl Exp $"
 #include "npx.h"
-void setredzone __P((u_short *, caddr_t));
+#ifndef NOREDZONE
+static void setredzone __P((struct proc *p));
+#endif
 /*
 * Finish a fork operation, with process p2 nearly set up.
@@ -147,6 +150,9 @@ cpu_fork(p1, p2, stack, stacksize, func, arg)
 p2->p_md.md_regs = tf = (struct trapframe *)pcb->pcb_tss.tss_esp0 - 1;
 *tf = *p1->p_md.md_regs;
+#ifndef NOREDZONE
+ setredzone(p2);
+#endif
 /*
 * If specified, give the child a different stack.
 */
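Review bot: The red zone is only established on the fork path here (`setredzone(p2)` after the trapframe copy), so any u-area that is not created through cpu_fork gets no guard page; if proc0's u-area is set up by early boot code rather than by cpu_fork, it stays fully mapped and an overflow of that stack is not caught by this change. The swap-in case is covered by the new cpu_swapin, but nothing in this patch handles the initial process, so either a matching call at initialisation or a note saying proc0 is intentionally excluded would help. A one-line why-comment at the call site would also make the ordering obvious: `/* u-area is mapped by now; unmap the guard page (redone on swapin). */`. cpu_fork's body starts and ends outside this hunk.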
@@ -161,6 +167,15 @@ cpu_fork(p1, p2, stack, stacksize, func, arg)
 pcb->pcb_ebp = 0;
 }
+void
+cpu_swapin(p)
+ struct proc *p;
+{
+#ifndef NOREDZONE
+ setredzone(p);
+#endif
+}
+
 void
 cpu_swapout(p)
 struct proc *p;
@@ -281,23 +296,15 @@ cpu_coredump(p, vp, cred, chdr)
 return 0;
 }
-#if 0
+#ifndef NOREDZONE
 /*
 * Set a red zone in the kernel stack after the u. area.
 */
-void
-setredzone(pte, vaddr)
- u_short *pte;
- caddr_t vaddr;
+static void
+setredzone(struct proc *p)
 {
-/* eventually do this by setting up an expand-down stack segment
- for ss0: selector, allowing stack access down to top of u.
- this means though that protection violations need to be handled
- thru a double fault exception that must do an integral task
- switch to a known good context, within which a dump can be
- taken. a sensible scheme might be to save the initial context
- used by sched (that has physical memory mapped 1:1 at bottom)
- and take the dump while still in mapped mode */
+ pmap_remove(pmap_kernel(), (vaddr_t)p->p_addr + PAGE_SIZE,
+ (vaddr_t)p->p_addr + 2 * PAGE_SIZE);
 }
 #endif
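Review bot: The new cpu_swapin has no comment saying why swap-in needs to re-apply the red zone, which is the only non-obvious thing about it; presumably the swap-in path re-maps the whole u-area and so undoes the earlier pmap_remove, but that should be stated rather than left for the reader to reconstruct, e.g. `/* Swapin re-maps the entire u-area, so the guard page has to be unmapped again. */` above the `#ifndef`. The definition also uses the old K&R form (`cpu_swapin(p)` / `struct proc *p;`) while setredzone in the same commit is written as `setredzone(struct proc *p)`; one style per commit would be cleaner.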
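Review bot: The offsets `PAGE_SIZE` and `2 * PAGE_SIZE` in setredzone hard-code the layout the commit message describes (struct user in the first page, guard page second, kernel stack after that), but nothing in the function ties them to UPAGES or to the size of struct user, and the diffstat shows this commit touches only vm_machdep.c, so the UPAGES bump it relies on lives elsewhere. If a kernel is built with UPAGES still at 2, or struct user ever grows past one page, this pmap_remove takes a live page out of the kernel map instead of a guard page; a preprocessor check next to the function, `#if UPAGES < 4` / `#error "red zone needs UPAGES >= 4 (or option NOREDZONE)"` / `#endif`, would turn that into a build failure. The function comment should also spell the layout out, since the old comment being removed was the only place explaining that a fault on this page arrives with an unusable kernel stack and needs a double-fault task gate to be reported; if no such handler exists, an overflow presumably shows up as a reset rather than a panic, and a sentence saying how it is expected to be diagnosed would help whoever hits it.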