0ct0pu5/ladybird
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Kernel: Set NX bit for virtual addresses 0-1MB and 2-8MB

Browse source 
This removes the ability to jump into kmalloc memory, etc.
Only the kernel image itself is allowed to exec, located between 1-2MB.
This commit is contained in:
Andreas Kling 2019-12-25 22:23:10 +01:00
parent d3b40547f7
commit 0b7a2e0a5a
Notes: sideshowbarker 2024-07-19 10:40:29 +09:00
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
Kernel/VM/MemoryManager.cpp
View file

@ -56,6 +56,14 @@ void MemoryManager::initialize_paging()
// Every process shares these mappings. // Every process shares these mappings.
create_identity_mapping(kernel_page_directory(), VirtualAddress(PAGE_SIZE), (8 * MB) - PAGE_SIZE); create_identity_mapping(kernel_page_directory(), VirtualAddress(PAGE_SIZE), (8 * MB) - PAGE_SIZE);
// Disable execution from 0MB through 1MB (BIOS data, legacy things, ...)
for (size_t i = 0; i < (1 * MB); ++i)
ensure_pte(kernel_page_directory(), VirtualAddress(i)).set_execute_disabled(true);
// Disable execution from 2MB through 8MB (kmalloc, kmalloc_eternal, slabs, page tables, ...)
for (size_t i = 1; i < 4; ++i)
kernel_page_directory().table().directory(0)[i].set_execute_disabled(true);
// FIXME: We should move everything kernel-related above the 0xc0000000 virtual mark. // FIXME: We should move everything kernel-related above the 0xc0000000 virtual mark.
// Basic physical memory map: // Basic physical memory map: