Changeset 35a3d950 in mainline

Timestamp:

2012-11-01T18:11:04Z (12 years ago)

Author:

Maurizio Lombardi <m.lombardi85@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

082b7f1

Parents:

a582dff

Message:

mm: implement support to guarded address space areas

Guarded address space areas will have at least one unmapped page at both its ends. This should
prevent overflows from being undetected.

Files:

• abi/include/mm/as.h (modified) (1 diff)
• kernel/generic/src/mm/as.c (modified) (13 diffs)

abi/include/mm/as.h

@@ -37 +37 @@
 
 /** Address space area flags. */
-#define AS_AREA_READ       1
-#define AS_AREA_WRITE      2
-#define AS_AREA_EXEC       4
-#define AS_AREA_CACHEABLE  8
+#define AS_AREA_READ       0x01
+#define AS_AREA_WRITE      0x02
+#define AS_AREA_EXEC       0x04
+#define AS_AREA_CACHEABLE  0x08
+#define AS_AREA_GUARD      0x10
 
 /** Address space area info exported to uspace. */

kernel/generic/src/mm/as.c

@@ -285 +285 @@
 /** Check area conflicts with other areas.
  *
- * @param as    Address space.
- * @param addr  Starting virtual address of the area being tested.
- * @param count Number of pages in the area being tested.
- * @param avoid Do not touch this area.
+ * @param as      Address space.
+ * @param addr    Starting virtual address of the area being tested.
+ * @param count   Number of pages in the area being tested.
+ * @param guarded True if the area being tested is protected by guard pages.
+ * @param avoid   Do not touch this area.
  *
  * @return True if there is no conflict, false otherwise.
@@ -294 +295 @@
  */
 NO_TRACE static bool check_area_conflicts(as_t *as, uintptr_t addr,
-    size_t count, as_area_t *avoid)
+    size_t count, bool guarded, as_area_t *avoid)
 {
         ASSERT((addr % PAGE_SIZE) == 0);
@@ -304 +305 @@
         if (overlaps(addr, P2SZ(count), (uintptr_t) NULL, PAGE_SIZE))
                 return false;
-        
+
         /*
          * The leaf node is found in O(log n), where n is proportional to
@@ -328 +329 @@
                 if (area != avoid) {
                         mutex_lock(&area->lock);
+
+                        /* If at least one of the two areas are protected
+                         * by the AS_AREA_GUARD flag then we must be sure
+                         * that they are separated by at least one unmapped
+                         * page.
+                         */
+                        int const gp = (guarded || 
+                            (area->flags & AS_AREA_GUARD)) ? 1 : 0;
                         
                         if (overlaps(addr, P2SZ(count), area->base,
+                            P2SZ(area->pages + gp))) {
+                                mutex_unlock(&area->lock);
+                                return false;
+                        }
+                        
+                        mutex_unlock(&area->lock);
+                }
+        }
+        
+        node = btree_leaf_node_right_neighbour(&as->as_area_btree, leaf);
+        if (node) {
+                area = (as_area_t *) node->value[0];
+                
+                if (area != avoid) {
+                        mutex_lock(&area->lock);
+
+                        int const gp = (guarded ||
+                            (area->flags & AS_AREA_GUARD)) ? 1 : 0;
+                        
+                        if (overlaps(addr, P2SZ(count + gp), area->base,
                             P2SZ(area->pages))) {
                                 mutex_unlock(&area->lock);
@@ -339 +368 @@
         }
         
-        node = btree_leaf_node_right_neighbour(&as->as_area_btree, leaf);
-        if (node) {
-                area = (as_area_t *) node->value[0];
-                
-                if (area != avoid) {
-                        mutex_lock(&area->lock);
-                        
-                        if (overlaps(addr, P2SZ(count), area->base,
-                            P2SZ(area->pages))) {
-                                mutex_unlock(&area->lock);
-                                return false;
-                        }
-                        
-                        mutex_unlock(&area->lock);
-                }
-        }
-        
         /* Second, check the leaf node. */
         btree_key_t i;
@@ -365 +377 @@
                 
                 mutex_lock(&area->lock);
-                
-                if (overlaps(addr, P2SZ(count), area->base,
-                    P2SZ(area->pages))) {
+
+                int const gp = (guarded ||
+                    (area->flags & AS_AREA_GUARD)) ? 1 : 0;
+
+                if (overlaps(addr, P2SZ(count + gp), area->base,
+                    P2SZ(area->pages + gp))) {
                         mutex_unlock(&area->lock);
                         return false;
@@ -392 +407 @@
  * this function.
  *
- * @param as    Address space.
- * @param bound Lowest address bound.
- * @param size  Requested size of the allocation.
+ * @param as      Address space.
+ * @param bound   Lowest address bound.
+ * @param size    Requested size of the allocation.
+ * @param guarded True if the allocation must be protected by guard pages.
  *
  * @return Address of the beginning of unmapped address space area.
@@ -401 +417 @@
  */
 NO_TRACE static uintptr_t as_get_unmapped_area(as_t *as, uintptr_t bound,
-    size_t size)
+    size_t size, bool guarded)
 {
         ASSERT(mutex_locked(&as->lock));
@@ -423 +439 @@
         /* First check the bound address itself */
         uintptr_t addr = ALIGN_UP(bound, PAGE_SIZE);
-        if ((addr >= bound) &&
-            (check_area_conflicts(as, addr, pages, NULL)))
-                return addr;
+        if (addr >= bound) {
+                if (guarded) {
+                        /* Leave an unmapped page between the lower
+                         * bound and the area's start address.
+                         */
+                        addr += P2SZ(1);
+                }
+
+                if (check_area_conflicts(as, addr, pages, guarded, NULL))
+                        return addr;
+        }
         
         /* Eventually check the addresses behind each area */
@@ -439 +463 @@
                         addr =
                             ALIGN_UP(area->base + P2SZ(area->pages), PAGE_SIZE);
+
+                        if (guarded || area->flags & AS_AREA_GUARD) {
+                                /* We must leave an unmapped page
+                                 * between the two areas.
+                                 */
+                                addr += P2SZ(1);
+                        }
+
                         bool avail =
                             ((addr >= bound) && (addr >= area->base) &&
-                            (check_area_conflicts(as, addr, pages, area)));
+                            (check_area_conflicts(as, addr, pages, guarded, area)));
                         
                         mutex_unlock(&area->lock);
@@ -487 +519 @@
         if ((flags & AS_AREA_EXEC) && (flags & AS_AREA_WRITE))
                 return NULL;
+
+        bool const guarded = flags & AS_AREA_GUARD;
         
         mutex_lock(&as->lock);
         
         if (*base == (uintptr_t) -1) {
-                *base = as_get_unmapped_area(as, bound, size);
+                *base = as_get_unmapped_area(as, bound, size, guarded);
                 if (*base == (uintptr_t) -1) {
                         mutex_unlock(&as->lock);
@@ -497 +531 @@
                 }
         }
-        
-        if (!check_area_conflicts(as, *base, pages, NULL)) {
+
+        if (!check_area_conflicts(as, *base, pages, guarded, NULL)) {
                 mutex_unlock(&as->lock);
                 return NULL;
@@ -778 +812 @@
                  * Check for overlaps with other address space areas.
                  */
-                if (!check_area_conflicts(as, address, pages, area)) {
+                bool const guarded = area->flags & AS_AREA_GUARD;
+                if (!check_area_conflicts(as, address, pages, guarded, area)) {
                         mutex_unlock(&area->lock);
                         mutex_unlock(&as->lock);