Remove the stack guard page. Processes are now contiguous from 0 to proc->sz, which means our syscall argument validation is correct. Add a pointer validation test and remove the stack test, which tested for the guard page.
This commit is contained in:
Austin Clements
parent
41c4bbb505
commit
b1d41d6788
1
exec.c
1
exec.c
|
|
@ -52,7 +52,6 @@ exec(char *path, char **argv)
|
|||
|
||||
// Allocate and initialize stack at sz
|
||||
sz = PGROUNDUP(sz);
|
||||
sz += PGSIZE; // leave an invalid page
|
||||
if(!allocuvm(pgdir, (char *)sz, PGSIZE))
|
||||
goto bad;
|
||||
mem = uva2ka(pgdir, (char *)sz);
|
||||
|
|
|
|||
|
|
@ -22,8 +22,6 @@ fetchint(struct proc *p, uint addr, int *ip)
|
|||
return 0;
|
||||
}
|
||||
|
||||
// XXX should we copy the string?
|
||||
|
||||
// Fetch the nul-terminated string at addr from process p.
|
||||
// Doesn't actually copy the string - just sets *pp to point at it.
|
||||
// Returns length of string, not including nul.
|
||||
|
|
@ -62,8 +60,7 @@ argptr(int n, char **pp, int size)
|
|||
return -1;
|
||||
if((uint)i >= proc->sz || (uint)i+size >= proc->sz)
|
||||
return -1;
|
||||
// *pp = proc->mem + i; // XXXXX
|
||||
*pp = (char *) i; // XXXXX
|
||||
*pp = (char *) i;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
56
usertests.c
56
usertests.c
|
|
@ -3,6 +3,8 @@
|
|||
#include "user.h"
|
||||
#include "fs.h"
|
||||
#include "fcntl.h"
|
||||
#include "syscall.h"
|
||||
#include "traps.h"
|
||||
|
||||
char buf[2048];
|
||||
char name[3];
|
||||
|
|
@ -1375,26 +1377,46 @@ sbrktest(void)
|
|||
}
|
||||
|
||||
void
|
||||
stacktest(void)
|
||||
validateint(int *p)
|
||||
{
|
||||
printf(stdout, "stack test\n");
|
||||
char dummy = 1;
|
||||
char *p = &dummy;
|
||||
int ppid = getpid();
|
||||
int pid = fork();
|
||||
if(pid < 0){
|
||||
printf(stdout, "fork failed\n");
|
||||
exit();
|
||||
}
|
||||
if(pid == 0){
|
||||
// should cause a trap:
|
||||
p[-4096] = 'z';
|
||||
kill(ppid);
|
||||
printf(stdout, "stack test failed: page before stack was writeable\n");
|
||||
int res;
|
||||
asm("mov %%esp, %%ebx\n\t"
|
||||
"mov %3, %%esp\n\t"
|
||||
"int %2\n\t"
|
||||
"mov %%ebx, %%esp" :
|
||||
"=a" (res) :
|
||||
"a" (SYS_sleep), "n" (T_SYSCALL), "c" (p) :
|
||||
"ebx");
|
||||
}
|
||||
|
||||
void
|
||||
validatetest(void)
|
||||
{
|
||||
int hi = 1100*1024;
|
||||
|
||||
printf(stdout, "validate test\n");
|
||||
|
||||
uint p;
|
||||
for (p = 0; p <= (uint)hi; p += 4096) {
|
||||
int pid;
|
||||
if ((pid = fork()) == 0) {
|
||||
// try to crash the kernel by passing in a badly placed integer
|
||||
validateint((int*)p);
|
||||
exit();
|
||||
}
|
||||
sleep(0);
|
||||
sleep(0);
|
||||
kill(pid);
|
||||
wait();
|
||||
printf(stdout, "stack test OK\n");
|
||||
|
||||
// try to crash the kernel by passing in a bad string pointer
|
||||
if (link("nosuchfile", (char*)p) != -1) {
|
||||
printf(stdout, "link should not succeed\n");
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
||||
printf(stdout, "validate ok\n");
|
||||
}
|
||||
|
||||
int
|
||||
|
|
@ -1408,8 +1430,8 @@ main(int argc, char *argv[])
|
|||
}
|
||||
close(open("usertests.ran", O_CREATE));
|
||||
|
||||
stacktest();
|
||||
sbrktest();
|
||||
validatetest();
|
||||
|
||||
opentest();
|
||||
writetest();
|
||||
|
|
|
|||
Loading…
Reference in a new issue