From fc7f6f8e99d9db307883448a49a1e3d6243d04cf Mon Sep 17 00:00:00 2001
From: mischief
Date: Thu, 6 Feb 2014 18:03:17 -0800
Subject: pc64: ensure user pc is never set to a non-canonical address through setregisters

on intel processors, a general protection exception is fired if a non-canonical address is loaded into PC during SYSRET. this will cause the kernel to panic.

see http://www.kb.cert.org/vuls/id/649219 and the intel software developer manual for more information.
---
 sys/src/9/pc64/mem.h | 5 +++--
 sys/src/9/pc64/trap.c | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/sys/src/9/pc64/mem.h b/sys/src/9/pc64/mem.h
index 73fbcfc93..9003863ca 100644
--- a/sys/src/9/pc64/mem.h
+++ b/sys/src/9/pc64/mem.h
@@ -44,9 +44,10 @@
  * Address spaces. User:
  */
 #define UTZERO (0x0000000000200000ull) /* first address in user text */
+#define UADDRMASK (0x00007fffffffffffull) /* canonical address mask */
 #define TSTKTOP (0x00007ffffffff000ull)
-#define USTKSIZE (16*MiB) /* size of user stack */
-#define USTKTOP (TSTKTOP-USTKSIZE) /* end of new stack in sysexec */
+#define USTKSIZE (16*MiB) /* size of user stack */
+#define USTKTOP (TSTKTOP-USTKSIZE) /* end of new stack in sysexec */
 
 /*
  * Address spaces. Kernel, sorted by address.
diff --git a/sys/src/9/pc64/trap.c b/sys/src/9/pc64/trap.c
index 41a8c4978..6b2154c3f 100644
--- a/sys/src/9/pc64/trap.c
+++ b/sys/src/9/pc64/trap.c
@@ -992,6 +992,7 @@ setregisters(Ureg* ureg, char* pureg, char* uva, int n)
 if(ureg->gs != UDSEL)
 ureg->gs = 0;
 ureg->flags = (ureg->flags & 0x00ff) | (flags & 0xff00);
+ureg->pc &= UADDRMASK;
 }
 
 static void
-- 
cgit v1.2.3
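Review bot: The comment on the new UADDRMASK line, `/* canonical address mask */`, understates what the constant does: ANDing with it clears bits 47-63, so any 64-bit value is forced into the lower (user) half of the canonical range, which is stronger than "canonical". Suggest `/* clears bits 47-63: forces any value into the lower canonical half */`, plus a remark that the mask must be kept consistent with TSTKTOP if the user address-space layout ever changes, since the two are defined independently. The `-`/`+` pairs for USTKSIZE and USTKTOP look identical apart from whitespace, which adds unrelated noise to a hardening commit.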
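Review bot: The added `ureg->pc &= UADDRMASK;` silently rewrites a bad program counter rather than rejecting it, so a caller that supplies a non-canonical pc ends up resuming at a different, masked address with no indication that its register write was altered; the safer contract is to treat it like the other invalid-register cases and fail the write, e.g. `if(ureg->pc & ~UADDRMASK) error(Ebadarg);`, and the commit should state why masking was chosen if that is intentional. Whichever form stays, the line deserves a comment, `/* SYSRET #GPs (and panics the kernel) on a non-canonical pc */`, so the next reader does not remove it as redundant. The hunk only covers the tail of setregisters, whose body begins outside the hunk; any other path that loads ureg->pc from user-supplied data presumably needs the same check, but that cannot be confirmed from this hunk.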