Kernel: Never validate access to the kmalloc memory range

Memory validation is used to verify that user syscalls are allowed to
access a given memory range. Ring 0 threads never make syscalls, and
so will never end up in validation anyway.

The reason we were allowing kmalloc memory accesses is because kernel
thread stacks used to be allocated in kmalloc memory. Since that's no
longer the case, we can stop making exceptions for kmalloc in the
validation code.
This commit is contained in:
Andreas Kling 2020-01-27 12:43:21 +01:00
parent 23ffd6c319
commit c1f74bf327
Notes: sideshowbarker 2024-07-19 09:46:43 +09:00
3 changed files with 2 additions and 27 deletions

View file

@ -66,13 +66,6 @@ bool g_dump_kmalloc_stacks;
static u8* s_next_eternal_ptr; static u8* s_next_eternal_ptr;
static u8* s_end_of_eternal_range; static u8* s_end_of_eternal_range;
bool is_kmalloc_address(const void* ptr)
{
if (ptr >= (u8*)ETERNAL_BASE_PHYSICAL && ptr < s_next_eternal_ptr)
return true;
return (size_t)ptr >= BASE_PHYSICAL && (size_t)ptr <= (BASE_PHYSICAL + POOL_SIZE);
}
void kmalloc_init() void kmalloc_init()
{ {
memset(&alloc_map, 0, sizeof(alloc_map)); memset(&alloc_map, 0, sizeof(alloc_map));

View file

@ -39,8 +39,6 @@ void* krealloc(void*, size_t);
void kfree(void*); void kfree(void*);
void kfree_aligned(void*); void kfree_aligned(void*);
bool is_kmalloc_address(const void*);
extern volatile size_t sum_alloc; extern volatile size_t sum_alloc;
extern volatile size_t sum_free; extern volatile size_t sum_free;
extern volatile size_t kmalloc_sum_eternal; extern volatile size_t kmalloc_sum_eternal;

View file

@ -2335,37 +2335,21 @@ bool Process::validate_read_from_kernel(VirtualAddress vaddr, ssize_t size) cons
{ {
if (vaddr.is_null()) if (vaddr.is_null())
return false; return false;
// We check extra carefully here since the first 4MB of the address space is identity-mapped.
// This code allows access outside of the known used address ranges to get caught.
if (is_kmalloc_address(vaddr.as_ptr()))
return true;
return MM.validate_kernel_read(*this, vaddr, size); return MM.validate_kernel_read(*this, vaddr, size);
} }
bool Process::validate_read(const void* address, ssize_t size) const bool Process::validate_read(const void* address, ssize_t size) const
{ {
ASSERT(size >= 0);
VirtualAddress first_address((uintptr_t)address);
if (is_ring0()) {
if (is_kmalloc_address(address))
return true;
}
if (!size) if (!size)
return false; return false;
return MM.validate_user_read(*this, first_address, size); return MM.validate_user_read(*this, VirtualAddress(address), size);
} }
bool Process::validate_write(void* address, ssize_t size) const bool Process::validate_write(void* address, ssize_t size) const
{ {
ASSERT(size >= 0);
VirtualAddress first_address((uintptr_t)address);
if (is_ring0()) {
if (is_kmalloc_address(address))
return true;
}
if (!size) if (!size)
return false; return false;
return MM.validate_user_write(*this, first_address, size); return MM.validate_user_write(*this, VirtualAddress(address), size);
} }
pid_t Process::sys$getsid(pid_t pid) pid_t Process::sys$getsid(pid_t pid)