[src/trunk]: src/sys/arch Put two KASSERTs, to make sure the fault is happeni...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/arch Put two KASSERTs, to make sure the fault is happeni...
From: maxv <maxv%NetBSD.org@localhost>
Date: Tue, 31 Jul 2018 20:28:01 +0000

details:   https://anonhg.NetBSD.org/src/rev/b38f6bda58cb
branches:  trunk
changeset: 347781:b38f6bda58cb
user:      maxv <maxv%NetBSD.org@localhost>
date:      Fri Sep 16 11:48:10 2016 +0000

description:
Put two KASSERTs, to make sure the fault is happening in the correct
half of the vm space when using special copy functions. It can detect
bugs where the kernel would fault when copying a kernel buffer which
it wrongly believes comes from userland.

diffstat:

 sys/arch/amd64/amd64/trap.c |  8 ++++++--
 sys/arch/i386/i386/trap.c   |  8 ++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diffs (58 lines):

diff -r 9e8f30d49db1 -r b38f6bda58cb sys/arch/amd64/amd64/trap.c
--- a/sys/arch/amd64/amd64/trap.c       Fri Sep 16 11:41:40 2016 +0000
+++ b/sys/arch/amd64/amd64/trap.c       Fri Sep 16 11:48:10 2016 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: trap.c,v 1.84 2016/08/11 14:58:29 maxv Exp $   */
+/*     $NetBSD: trap.c,v 1.85 2016/09/16 11:48:10 maxv Exp $   */
 
 /*-
  * Copyright (c) 1998, 2000 The NetBSD Foundation, Inc.
@@ -68,7 +68,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.84 2016/08/11 14:58:29 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.85 2016/09/16 11:48:10 maxv Exp $");
 
 #include "opt_ddb.h"
 #include "opt_kgdb.h"
@@ -310,6 +310,10 @@
 copyefault:
                        error = EFAULT;
 copyfault:
+                       KASSERT(onfault == kcopy_fault ||
+                           rcr2() < VM_MAXUSER_ADDRESS);
+                       KASSERT(onfault != kcopy_fault ||
+                           rcr2() >= VM_MAXUSER_ADDRESS);
                        frame->tf_rip = (uintptr_t)onfault;
                        frame->tf_rax = error;
                        return;
diff -r 9e8f30d49db1 -r b38f6bda58cb sys/arch/i386/i386/trap.c
--- a/sys/arch/i386/i386/trap.c Fri Sep 16 11:41:40 2016 +0000
+++ b/sys/arch/i386/i386/trap.c Fri Sep 16 11:48:10 2016 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: trap.c,v 1.278 2016/08/11 15:03:23 maxv Exp $  */
+/*     $NetBSD: trap.c,v 1.279 2016/09/16 11:48:10 maxv Exp $  */
 
 /*-
  * Copyright (c) 1998, 2000, 2005, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -68,7 +68,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.278 2016/08/11 15:03:23 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.279 2016/09/16 11:48:10 maxv Exp $");
 
 #include "opt_ddb.h"
 #include "opt_kgdb.h"
@@ -354,6 +354,10 @@
 copyefault:
                        error = EFAULT;
 copyfault:
+                       KASSERT(onfault == kcopy_fault ||
+                           rcr2() < VM_MAXUSER_ADDRESS);
+                       KASSERT(onfault != kcopy_fault ||
+                           rcr2() >= VM_MAXUSER_ADDRESS);
                        frame->tf_eip = (uintptr_t)onfault;
                        frame->tf_eax = error;
                        return;

Prev by Date: [src/trunk]: src/sys/dev/ic make nvme_dumpregs() compile when NVME_DEBUG is d...
Next by Date: [src/trunk]: src/share/man/man4 document some bugs
Previous by Thread: [src/trunk]: src/sys/dev/ic make nvme_dumpregs() compile when NVME_DEBUG is d...
Next by Thread: [src/trunk]: src/share/man/man4 document some bugs
Indexes:

Home | Main Index | Thread Index | Old Index