vinzenz/redox
0
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Validate memory pointers

Browse source
This commit is contained in:
Jeremy Soller 2016-09-20 18:03:14 -06:00
parent be3bcbb878
commit 8dfd003c72
3 changed files with 96 additions and 63 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

118
kernel/scheme/user.rs
View file

@ -65,76 +65,84 @@ impl UserInner {
} }
fn capture_inner(&self, address: usize, size: usize, writable: bool) -> Result<usize> { fn capture_inner(&self, address: usize, size: usize, writable: bool) -> Result<usize> {
let context_lock = self.context.upgrade().ok_or(Error::new(ESRCH))?; if size == 0 {
let context = context_lock.read(); Ok(0)
} else {
let context_lock = self.context.upgrade().ok_or(Error::new(ESRCH))?;
let context = context_lock.read();
let mut grants = context.grants.lock(); let mut grants = context.grants.lock();
let mut new_table = unsafe { InactivePageTable::from_address(context.arch.get_page_table()) }; let mut new_table = unsafe { InactivePageTable::from_address(context.arch.get_page_table()) };
let mut temporary_page = TemporaryPage::new(Page::containing_address(VirtualAddress::new(arch::USER_TMP_GRANT_OFFSET))); let mut temporary_page = TemporaryPage::new(Page::containing_address(VirtualAddress::new(arch::USER_TMP_GRANT_OFFSET)));
let from_address = (address/4096) * 4096; let from_address = (address/4096) * 4096;
let offset = address - from_address; let offset = address - from_address;
let full_size = ((offset + size + 4095)/4096) * 4096; let full_size = ((offset + size + 4095)/4096) * 4096;
let mut to_address = arch::USER_GRANT_OFFSET; let mut to_address = arch::USER_GRANT_OFFSET;
let mut flags = entry::PRESENT | entry::NO_EXECUTE; let mut flags = entry::PRESENT | entry::NO_EXECUTE;
if writable { if writable {
flags |= entry::WRITABLE; flags |= entry::WRITABLE;
}
for i in 0 .. grants.len() {
let start = grants[i].start_address().get();
if to_address + full_size < start {
grants.insert(i, Grant::new(
VirtualAddress::new(from_address),
VirtualAddress::new(to_address),
full_size,
flags,
&mut new_table,
&mut temporary_page
));
return Ok(to_address + offset);
} else {
let pages = (grants[i].size() + 4095) / 4096;
let end = start + pages * 4096;
to_address = end;
} }
for i in 0 .. grants.len() {
let start = grants[i].start_address().get();
if to_address + full_size < start {
grants.insert(i, Grant::new(
VirtualAddress::new(from_address),
VirtualAddress::new(to_address),
full_size,
flags,
&mut new_table,
&mut temporary_page
));
return Ok(to_address + offset);
} else {
let pages = (grants[i].size() + 4095) / 4096;
let end = start + pages * 4096;
to_address = end;
}
}
grants.push(Grant::new(
VirtualAddress::new(from_address),
VirtualAddress::new(to_address),
full_size,
flags,
&mut new_table,
&mut temporary_page
));
Ok(to_address + offset)
} }
grants.push(Grant::new(
VirtualAddress::new(from_address),
VirtualAddress::new(to_address),
full_size,
flags,
&mut new_table,
&mut temporary_page
));
return Ok(to_address + offset);
} }
pub fn release(&self, address: usize) -> Result<()> { pub fn release(&self, address: usize) -> Result<()> {
let context_lock = self.context.upgrade().ok_or(Error::new(ESRCH))?; if address == 0 {
let context = context_lock.read(); Ok(())
} else {
let context_lock = self.context.upgrade().ok_or(Error::new(ESRCH))?;
let context = context_lock.read();
let mut grants = context.grants.lock(); let mut grants = context.grants.lock();
let mut new_table = unsafe { InactivePageTable::from_address(context.arch.get_page_table()) }; let mut new_table = unsafe { InactivePageTable::from_address(context.arch.get_page_table()) };
let mut temporary_page = TemporaryPage::new(Page::containing_address(VirtualAddress::new(arch::USER_TMP_GRANT_OFFSET))); let mut temporary_page = TemporaryPage::new(Page::containing_address(VirtualAddress::new(arch::USER_TMP_GRANT_OFFSET)));
for i in 0 .. grants.len() { for i in 0 .. grants.len() {
let start = grants[i].start_address().get(); let start = grants[i].start_address().get();
let end = start + grants[i].size(); let end = start + grants[i].size();
if address >= start && address < end { if address >= start && address < end {
grants.remove(i).destroy(&mut new_table, &mut temporary_page); grants.remove(i).destroy(&mut new_table, &mut temporary_page);
return Ok(()); return Ok(());
}
} }
}
Err(Error::new(EFAULT)) Err(Error::new(EFAULT))
}
} }
pub fn read(&self, buf: &mut [u8]) -> Result<usize> { pub fn read(&self, buf: &mut [u8]) -> Result<usize> {

40
kernel/syscall/validate.rs
View file

@ -1,15 +1,39 @@
use core::slice; use core::{mem, slice};
use arch::paging::{ActivePageTable, Page, VirtualAddress, entry};
use syscall::error::*; use syscall::error::*;
/// Convert a pointer and length to slice, if valid fn validate(address: usize, size: usize, flags: entry::EntryFlags) -> Result<()> {
/// TODO: Check validity let active_table = unsafe { ActivePageTable::new() };
pub fn validate_slice<T>(ptr: *const T, len: usize) -> Result<&'static [T]> {
Ok(unsafe { slice::from_raw_parts(ptr, len) }) let start_page = Page::containing_address(VirtualAddress::new(address));
let end_page = Page::containing_address(VirtualAddress::new(address + size - 1));
for page in Page::range_inclusive(start_page, end_page) {
let page_flags = active_table.translate_page_flags(page).ok_or(Error::new(EFAULT))?;
if ! page_flags.contains(flags) {
return Err(Error::new(EFAULT));
}
}
Ok(())
} }
/// Convert a pointer and length to slice, if valid /// Convert a pointer and length to slice, if valid
/// TODO: Check validity pub fn validate_slice<T>(ptr: *const T, len: usize) -> Result<&'static [T]> {
pub fn validate_slice_mut<T>(ptr: *mut T, len: usize) -> Result<&'static mut [T]> { if len == 0 {
Ok(unsafe { slice::from_raw_parts_mut(ptr, len) }) Ok(&[])
} else {
validate(ptr as usize, len * mem::size_of::<T>(), entry::PRESENT /* TODO | entry::USER_ACCESSIBLE */)?;
Ok(unsafe { slice::from_raw_parts(ptr, len) })
}
}
/// Convert a pointer and length to slice, if valid
pub fn validate_slice_mut<T>(ptr: *mut T, len: usize) -> Result<&'static mut [T]> {
if len == 0 {
Ok(&mut [])
} else {
validate(ptr as usize, len * mem::size_of::<T>(), entry::PRESENT | entry::WRITABLE /* TODO | entry::USER_ACCESSIBLE */)?;
Ok(unsafe { slice::from_raw_parts_mut(ptr, len) })
}
} }

1
schemes/example/src/main.rs
View file

@ -31,6 +31,7 @@ fn main(){
loop { loop {
let mut packet = Packet::default(); let mut packet = Packet::default();
socket.read(&mut packet).expect("example: failed to read events from example scheme"); socket.read(&mut packet).expect("example: failed to read events from example scheme");
println!("{:?}", packet);
scheme.handle(&mut packet); scheme.handle(&mut packet);
socket.write(&packet).expect("example: failed to write responses to example scheme"); socket.write(&packet).expect("example: failed to write responses to example scheme");
} }