Changeset e13daa5d in mainline for kernel/arch/amd64/src

Timestamp:

2008-03-19T21:13:49Z (18 years ago)

Author:

Jakub Jermar <jakub@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

047aa46

Parents:

20b8bf3

Message:

Fortify ia32 and amd64 kernels against mallicious uspace applications that set
DF prior to entering the kernel. For AMD64 syscalls, we don't use the CLD
instruction, but make use of the SFMASK MSR instead. Simics works fine with
it, but QEMU seems to have a problem.

Location:

kernel/arch/amd64/src

Files:

• asm_utils.S (modified) (1 diff)
• boot/boot.S (modified) (4 diffs)
• syscall.c (modified) (1 diff)

kernel/arch/amd64/src/asm_utils.S

@@ -249 +249 @@
 
         save_all_gpr
+        cld
 
         movq $(\i), %rdi        # %rdi - first parameter

kernel/arch/amd64/src/boot/boot.S

@@ -55 +55 @@
 
 multiboot_image_start:
+        cld
         movl $START_STACK, %esp                 # initialize stack pointer
         lgdtl bootstrap_gdtr                    # initialize Global Descriptor Table register
@@ -127 +128 @@
         mov $VESA_INIT_SEGMENT << 4, %edi
         mov $e_vesa_init - vesa_init, %ecx
-        cld
         rep movsb
 
@@ -283 +283 @@
         movq $AP_BOOT_OFFSET, %rdi
         movq $_hardcoded_unmapped_size, %rcx
-        cld
         rep movsb
         
@@ -557 +556 @@
         
         movw $0x0c00, %ax                               # black background, light red foreground
-        cld
         
         ploop:

kernel/arch/amd64/src/syscall.c

@@ -63 +63 @@
         /* Mask RFLAGS on syscall 
          * - disable interrupts, until we exchange the stack register
-         *   (mask the IE bit)
+         *   (mask the IF bit)
+         * - clear DF so that the string instructions operate in
+         *   the right direction
          */
-        write_msr(AMD_MSR_SFMASK, 0x200);
+        write_msr(AMD_MSR_SFMASK, RFLAGS_IF | RFLAGS_DF);
 }