author | Andreas Kling <awesomekling@gmail.com> | 2019-12-15 22:21:28 +0100 |
---|---|---|
committer | Andreas Kling <awesomekling@gmail.com> | 2019-12-15 22:21:28 +0100 |
commit | 0a75a46501d45f8f537934191227d07d0f1a44ca (patch) | |
tree | 1bb4785face1bdb098a9f96109a585e2487f6454 | |
parent | 77cf607cdabfdf9231767556b86e85be0f40b20b (diff) | |
Kernel: Make sure the kernel info page is read-only for userspace
To enforce this, we create two separate mappings of the same underlying
physical page. A writable mapping for the kernel, and a read-only one
for userspace (the one returned by sys$get_kernel_info_page.)
-rw-r--r-- | Kernel/Process.cpp | 21 | ||||
-rw-r--r-- | Kernel/VM/MemoryManager.cpp | 11 | ||||
-rw-r--r-- | Kernel/VM/MemoryManager.h | 1 |
3 files changed, 26 insertions, 7 deletions
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index b3d37d92ed..c2df92b9a3 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -58,7 +58,8 @@ static pid_t next_pid;
 InlineLinkedList<Process>* g_processes;
 static String* s_hostname;
 static Lock* s_hostname_lock;
-static VirtualAddress s_info_page_address;
+static VirtualAddress s_info_page_address_for_userspace;
+static VirtualAddress s_info_page_address_for_kernel;
 VirtualAddress g_return_to_ring3_from_signal_trampoline;
 VirtualAddress g_return_to_ring0_from_signal_trampoline;
 HashMap<String, OwnPtr<Module>>* g_modules;
@@ -78,7 +79,7 @@ void Process::initialize()
 
 void Process::update_info_page_timestamp(const timeval& tv)
 {
- auto* info_page = (KernelInfoPage*)s_info_page_address.as_ptr();
+ auto* info_page = (KernelInfoPage*)s_info_page_address_for_kernel.as_ptr();
 info_page->serial++;
 const_cast<timeval&>(info_page->now) = tv;
 }
@@ -994,9 +995,15 @@ void create_signal_trampolines()
 
 void create_kernel_info_page()
 {
- auto* info_page_region = MM.allocate_user_accessible_kernel_region(PAGE_SIZE, "Kernel info page").leak_ptr();
- s_info_page_address = info_page_region->vaddr();
- memset(s_info_page_address.as_ptr(), 0, PAGE_SIZE);
+ auto* info_page_region_for_userspace = MM.allocate_user_accessible_kernel_region(PAGE_SIZE, "Kernel info page").leak_ptr();
+ auto* info_page_region_for_kernel = MM.allocate_kernel_region_with_vmobject(info_page_region_for_userspace->vmobject(), PAGE_SIZE, "Kernel info page").leak_ptr();
+ s_info_page_address_for_userspace = info_page_region_for_userspace->vaddr();
+ s_info_page_address_for_kernel = info_page_region_for_kernel->vaddr();
+
+ memset(s_info_page_address_for_kernel.as_ptr(), 0, PAGE_SIZE);
+
+ info_page_region_for_userspace->set_writable(false);
+ info_page_region_for_userspace->remap();
 }
 
 int Process::sys$restore_signal_mask(u32 mask)
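Review bot: In create_kernel_info_page() both regions are given the same name, "Kernel info page", so a region listing cannot tell the writable kernel alias from the read-only userspace one. Distinct names such as `"Kernel info page (userspace, read-only)"` and `"Kernel info page (kernel alias)"` would make a wrongly configured mapping visible at a glance. The function also has no comment recording the invariant the commit relies on; I would add `// Kernel writes go through the kernel alias only; the userspace alias is remapped read-only below and is the only address handed to userspace.` The userspace region appears to be created writable and is only downgraded by set_writable(false) and remap() at the end, which is safe only if this runs before any userspace code; the caller is outside the hunk, so that is worth confirming.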
@@ -1700,7 +1707,7 @@ int Process::sys$sleep(unsigned seconds)
 
 timeval kgettimeofday()
 {
- return const_cast<const timeval&>(((KernelInfoPage*)s_info_page_address.as_ptr())->now);
+ return const_cast<const timeval&>(((KernelInfoPage*)s_info_page_address_for_kernel.as_ptr())->now);
 }
 
 void kgettimeofday(timeval& tv)
@@ -3751,5 +3758,5 @@ int Process::sys$profiling_disable(pid_t pid)
 
 void* Process::sys$get_kernel_info_page()
 {
- return s_info_page_address.as_ptr();
+ return s_info_page_address_for_userspace.as_ptr();
 }
diff --git a/Kernel/VM/MemoryManager.cpp b/Kernel/VM/MemoryManager.cpp
index 5515411d6c..92e240ecff 100644
--- a/Kernel/VM/MemoryManager.cpp
+++ b/Kernel/VM/MemoryManager.cpp
@@ -369,6 +369,17 @@ OwnPtr<Region> MemoryManager::allocate_user_accessible_kernel_region(size_t size
 return allocate_kernel_region(size, name, true);
 }
 
+OwnPtr<Region> MemoryManager::allocate_kernel_region_with_vmobject(VMObject& vmobject, size_t size, const StringView& name)
+{
+ InterruptDisabler disabler;
+ ASSERT(!(size % PAGE_SIZE));
+ auto range = kernel_page_directory().range_allocator().allocate_anywhere(size);
+ ASSERT(range.is_valid());
+ auto region = make<Region>(range, vmobject, 0, name, PROT_READ | PROT_WRITE | PROT_EXEC);
+ region->map(kernel_page_directory());
+ return region;
+}
+
 void MemoryManager::deallocate_user_physical_page(PhysicalPage&& page)
 {
 for (auto& region : m_user_physical_regions) {
diff --git a/Kernel/VM/MemoryManager.h b/Kernel/VM/MemoryManager.h
index 816c7d4fdb..a422e9b7e0 100644
--- a/Kernel/VM/MemoryManager.h
+++ b/Kernel/VM/MemoryManager.h
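Review bot: allocate_kernel_region_with_vmobject() hard-codes `PROT_READ | PROT_WRITE | PROT_EXEC`, so every kernel alias it creates is both writable and executable, including this alias of a pure data page whose contents userspace can read. The only caller in this commit needs read and write, so I would drop the execute bit, `auto region = make<Region>(range, vmobject, 0, name, PROT_READ | PROT_WRITE);`, or take the access bits as a parameter if other callers are planned. Whether execute permission is enforced on this target is not visible from the hunk. The function also checks that `size` is page-aligned but never compares it with the VMObject it maps; assuming VMObject exposes its size, an `ASSERT(size <= vmobject.size());` next to the alignment assert would catch a region that extends past the object's pages.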
@@ -63,6 +63,7 @@ public:
 void map_for_kernel(VirtualAddress, PhysicalAddress, bool cache_disabled = false);
 OwnPtr<Region> allocate_kernel_region(size_t, const StringView& name, bool user_accessible = false, bool should_commit = true);
+ OwnPtr<Region> allocate_kernel_region_with_vmobject(VMObject&, size_t, const StringView& name);
 OwnPtr<Region> allocate_user_accessible_kernel_region(size_t, const StringView& name);
 unsigned user_physical_pages() const { return m_user_physical_pages; } |