From a3716901ce8b47e2637db087724fbe1f56122819 Mon Sep 17 00:00:00 2001
From: Adrien Bourmault
Date: Wed, 22 May 2019 08:11:50 +0200
Subject: [PATCH] Stack Overflow detected !

---
 include/mm/mm.h | 10 ++++++++++
 kaleid/kernel/ke/idt.c | 32 ++++++++++++++++++++------------
 kaleid/kernel/mm/paging.c | 22 +++++++++++++++-------
 3 files changed, 45 insertions(+), 19 deletions(-)

diff --git a/include/mm/mm.h b/include/mm/mm.h
index 897e7a5..f0c7707 100644
--- a/include/mm/mm.h
+++ b/include/mm/mm.h
@@ -158,6 +158,16 @@ extern void MmLoadGdt(GdtPtr_t *gdtPtr, ushort tssOffset);
 //
 extern void MmStoreGdt(void);
 
+//
+// Returns the address of the stack guard pages
+//
+void *MmGetStackGuards(char rank);
+
+//
+// Translate a virtual address into physical address
+//
+void *MmTranslateKPageToAddr(void *rank);
+
 //----------------------------------------------------------------------------//
 
 #endif
diff --git a/kaleid/kernel/ke/idt.c b/kaleid/kernel/ke/idt.c
index 873c2ad..f877b92 100644
--- a/kaleid/kernel/ke/idt.c
+++ b/kaleid/kernel/ke/idt.c
@@ -26,13 +26,12 @@
 #include
 #include
 #include
+#include
 
 IdtEntry_t idt[256] = { 0 };
 IdtPtr_t _KeIdtPtr;
 bool KeIdtIsInitialized = 0;
 
-extern ulong *MmStackGuards[2];
-
 static ISRList_t isrList = { 0 };
 
 static char *ExceptionsChar[32] = {
@@ -74,9 +73,6 @@ static void EnablePIC(void);
 static void EarlyExceptionHandler(ISRFrame_t *regs);
 static void DoubleFaultHandler(ISRFrame_t *regs);
 
-//paging.c
-ulong *MmGetStackGuards(void);
-
 //
 // Registers an isr with his IRQ to handle driver interrupts
 //
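Review bot: The header comment on the new `MmTranslateKPageToAddr` prototype says it translates a virtual address into a physical one, but its parameter is a page-table rank and the paging.c definition in this same patch documents it as "Returns an address corresponding to the PT rank" and simply indexes MmPT with it; the two descriptions should agree before callers rely on the header. I would reword it to `// Returns the page-table entry stored at the given PT rank (not a VA->PA translation)` and, for `MmGetStackGuards`, state which rank is which, e.g. `// rank 0: guard page at BtLoaderInfo.stackEndAddr, rank 1: guard page at kernelEndAddr` (as installed by MmInitPaging in this patch). Taking the rank as `void *` rather than an integer also hides that it is an index; `ulong rank` would be the natural type if the signature is still open to change.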
@@ -305,18 +301,30 @@ static void EarlyExceptionHandler(ISRFrame_t *regs)
 
 static void DoubleFaultHandler(ISRFrame_t *regs)
 {
- bprintf(BStdOut, "test : %p\n", (ulong)(MmGetStackGuards())[0] + 4*KB);
+ ulong StackGuardOne = (ulong)MmGetStackGuards(0);
+ ulong StackGuardTwo = (ulong)MmGetStackGuards(1);
 
- if (regs->rsp <= (ulong)(MmGetStackGuards())[0] + 4*KB) {
+ if (regs->rsp <= StackGuardTwo + 4*KB) {
 bprintf(BStdOut,
- "\n\n%CPANIC\n[ISR 0x8] Irrecoverable Kernel Stack Overflow%s\n\n"
- " Error code : 0x%x (%b)",
+ "\n\n%CPANIC\n[ISR 0x8] Irrecoverable Kernel Stack Overflow\n\n"
+ " Double Fault Error code : %#x (%b)\n"
+ " Stack Guard bypassed : %#x",
 
 VGA_COLOR_LIGHT_RED,
- regs->intNo,
- ExceptionsChar[regs->intNo],
 regs->ErrorCode,
- regs->ErrorCode
+ regs->ErrorCode,
+ StackGuardTwo
+ );
+ } else if (regs->rsp <= StackGuardOne) {
+ bprintf(BStdOut,
+ "\n\n%CPANIC\n[ISR 0x8] Irrecoverable Kernel Stack Underflow\n\n"
+ " Double Fault Error code : %#x (%b)\n"
+ " Stack Guard bypassed : %#x",
+
+ VGA_COLOR_LIGHT_RED,
+ regs->ErrorCode,
+ regs->ErrorCode,
+ StackGuardOne
 );
 } else {
 bprintf(BStdOut,
diff --git a/kaleid/kernel/mm/paging.c b/kaleid/kernel/mm/paging.c
index d6ec008..6f81444 100644
--- a/kaleid/kernel/mm/paging.c
+++ b/kaleid/kernel/mm/paging.c
@@ -20,6 +20,7 @@ typedef ulong pte_t;
 void MmLoadPML4(void *);
 void MmEnableWriteProtect(void);
 void MmDisableWriteProtect(void);
+void *MmGetStackGuards(char rank);
 
 enum
 {
@@ -67,7 +68,7 @@ void MmInitPaging(void)
 // STACK GUARD PAGE
 if ((ulong)(i*KPAGESIZE) == (ulong)BtLoaderInfo.stackEndAddr) {
 MmPT[i] = ((ulong)(i*KPAGESIZE));
- MmStackGuards[0] = i;
+ MmStackGuards[0] = ((ulong)(i*KPAGESIZE));
 continue;
 }
 
@@ -79,7 +80,7 @@ void MmInitPaging(void)
 // STACK GARD PAGE
 if ((ulong)(i*KPAGESIZE) == (ulong)BtLoaderInfo.kernelEndAddr) {
 MmPT[i] = ((ulong)(i*KPAGESIZE));
- MmStackGuards[1] = i;
+ MmStackGuards[1] = ((ulong)(i*KPAGESIZE));
 continue;
 }
 
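Review bot: Both new comparisons use `<=`, so an rsp sitting anywhere between the two guard pages satisfies whichever test belongs to the higher guard, and a double fault with an intact stack is still reported as a stack overflow or underflow instead of reaching the generic `else` branch. Assuming MmStackGuards[0] (StackGuardOne, installed at BtLoaderInfo.stackEndAddr in this patch's MmInitPaging hunk) is the high-address guard of a downward-growing stack, the underflow test should read `} else if (regs->rsp >= StackGuardOne) {`; if the layout is the other way round it is the overflow test that has the wrong guard. The `%#x` conversions are also handed a ulong guard address that the removed debug line printed with `%p`; unless bprintf widens `%x` to 64 bits the address in the panic text will be truncated. Whether this handler runs on an IST stack is not visible here, but without one a genuine overflow cannot push the frame these values are read from. DoubleFaultHandler's body continues past the end of the hunk.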
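Review bot: The guard page is only installed when `i*KPAGESIZE` equals BtLoaderInfo.stackEndAddr exactly, so if the loader hands over an address that is not KPAGESIZE-aligned the comparison never matches, the page stays mapped like any other and MmStackGuards[0] keeps whatever it held before — the overflow detection in DoubleFaultHandler is then silently disabled rather than failing loudly. Comparing against the page-rounded loader value (assuming KPAGESIZE is a power of two) keeps the guard in place for an unaligned input, e.g. `if ((ulong)(i*KPAGESIZE) == ((ulong)BtLoaderInfo.stackEndAddr & ~(KPAGESIZE - 1))) {`; the same applies to the kernelEndAddr guard in the following hunk. MmInitPaging and the loop this sits in start and end outside the hunk.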
@@ -160,6 +161,18 @@ void MmReloadPaging(void)
 DebugLog("Stack Guards at %p, %p\n", MmStackGuards[0], MmStackGuards[1]);
 }
 
+// Returns the rank of the Stack Guards
+void *MmGetStackGuards(char rank)
+{
+ return (void *)MmStackGuards[(int)rank];
+}
+
+// Returns an address corresponding to the PT rank
+void *MmTranslateKPageToAddr(void *rank)
+{
+ return (void *)MmPT[(ulong)rank];
+}
+
 //
 // Page fault handler
 //
@@ -186,8 +199,3 @@ void MmActivatePageHandler(void)
 {
 KeRegisterISR(PagingHandler, 0xe);
 }
-
-ulong *MmGetStackGuards(void)
-{
- return &MmStackGuards[0];
-}
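Review bot: `MmGetStackGuards` indexes MmStackGuards with an unchecked `(int)rank`, and since `char` may be signed any caller passing a value outside 0..1 reads outside a two-element array (the extern this patch removes from idt.c declared it as `MmStackGuards[2]`); `MmTranslateKPageToAddr` likewise indexes MmPT with an arbitrary `(ulong)rank`. A range check on the guard accessor is cheap: `if (rank < 0 || rank > 1) return NULL;` before the return, and the MmPT access should get the same treatment once its bound is in scope (its size is not visible in this hunk). The comment `// Returns the rank of the Stack Guards` is also inverted — the function takes a rank and returns the guard address — and `MmTranslateKPageToAddr` returns the raw MmPT entry, which for non-guard pages may carry flag bits rather than a bare address, so its comment should say `// Returns the raw page-table entry stored at PT rank 'rank'`.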