Remove context area from physical RAM allocator

In base-fiasco, base-foc and base-pistachio, physical memory gets mapped 1:1 to core virtual memory. When the 'Ram_session_component' allocates physical memory for a client, it zeroes out the corresponding area in core's virtual address space and then maps the area to the client. If this area overlaps with core's virtual thread context area (usually at 0x40000000-0x4fffffff), the stack of one or more core threads can get overwritten. To avoid this problem, with this patch, the thread context area gets removed from the physical RAM allocator on these platforms. Fixes #660.
2025-02-20 17:52:52 +00:00 · 2013-02-21 17:47:15 +01:00 · 2013-02-21 17:47:15 +01:00 · 2664afbd7d
commit 2664afbd7d
parent 439315d918
4 changed files with 52 additions and 8 deletions
--- a/base-fiasco/src/core/platform.cc
+++ b/base-fiasco/src/core/platform.cc
@ -187,6 +187,14 @@ struct Region

 	Region() : start(0), end(0) { }
 	Region(addr_t s, addr_t e) : start(s), end(e) { }
+
+	/**
+	 * Returns true if the specified range intersects with the region
+	 */
+	bool intersects(addr_t base, size_t size) const
+	{
+		return (((base + size) > start) && (base < end));
+	}
 };


@ -296,8 +304,11 @@ void Platform::_setup_mem_alloc()
 				}

 				region.start = addr; region.end = addr + size;
-				add_region(region, _ram_alloc);
-				add_region(region, _core_address_ranges());
+				if (!region.intersects(Native_config::context_area_virtual_base(),
+				                       Native_config::context_area_virtual_size())) {
+					add_region(region, _ram_alloc);
+					add_region(region, _core_address_ranges());
+				}
 				remove_region(region, _io_mem_alloc);
 				remove_region(region, _region_alloc);
 			}
--- a/base-foc/src/core/platform.cc
+++ b/base-foc/src/core/platform.cc
@ -171,6 +171,14 @@ struct Region

 	Region() : start(0), end(0) { }
 	Region(addr_t s, addr_t e) : start(s), end(e) { }
+
+	/**
+	 * Returns true if the specified range intersects with the region
+	 */
+	bool intersects(addr_t base, size_t size) const
+	{
+		return (((base + size) > start) && (base < end));
+	}
 };


@ -308,8 +316,11 @@ void Platform::_setup_mem_alloc()
 				}

 				region.start = addr; region.end = addr + size;
-				add_region(region, _ram_alloc);
-				add_region(region, _core_address_ranges());
+				if (!region.intersects(Native_config::context_area_virtual_base(),
+				                       Native_config::context_area_virtual_size())) {
+					add_region(region, _ram_alloc);
+					add_region(region, _core_address_ranges());
+				}
 				remove_region(region, _io_mem_alloc);
 				remove_region(region, _region_alloc);
 			}
--- a/base-pistachio/src/core/include/map_local.h
+++ b/base-pistachio/src/core/include/map_local.h
@ -20,6 +20,7 @@

 /* Pistachio includes */
 namespace Pistachio {
+#include <l4/space.h>
 #include <l4/types.h>
 #include <l4/ipc.h>
 #include <l4/kdebug.h>
@ -40,7 +41,7 @@ namespace Genode {
 	 */
 	inline static bool map_local(addr_t from_addr, addr_t to_addr, size_t num_pages)
 	{
-	
+
 		Native_thread_id core_pager = platform_specific()->core_pager()->native_thread_id();

 		addr_t offset = 0;
@ -85,7 +86,14 @@ namespace Genode {
 	 */
 	inline void unmap_local(addr_t virt, size_t num_pages)
 	{
-		PERR("unmap_local() called - not implemented yet");
+		size_t page_size = get_page_size();
+		addr_t offset = 0;
+		for (unsigned i = 0; i < num_pages; i++, offset += page_size) {
+			using namespace Pistachio;
+			L4_Fpage_t fpage = L4_Fpage(virt + offset, page_size);
+			fpage += L4_FullyAccessible;
+			L4_Flush(fpage);
+		}
 	}
 }

--- a/base-pistachio/src/core/platform.cc
+++ b/base-pistachio/src/core/platform.cc
@ -21,6 +21,7 @@

 /* core includes */
 #include <core_parent.h>
+#include <map_local.h>
 #include <platform.h>
 #include <platform_thread.h>
 #include <platform_pd.h>
@ -247,6 +248,14 @@ struct Region

 	Region() : start(0), end(0) { }
 	Region(addr_t s, addr_t e) : start(s), end(e) { }
+
+	/**
+	 * Returns true if the specified range intersects with the region
+	 */
+	bool intersects(addr_t base, size_t size) const
+	{
+		return (((base + size) > start) && (base < end));
+	}
 };


@ -396,8 +405,13 @@ void Platform::_setup_mem_alloc()

 				} else {
 					region.start = addr; region.end = addr + size;
-					add_region(region, _ram_alloc);
-					add_region(region, _core_address_ranges());
+					if (!region.intersects(Native_config::context_area_virtual_base(),
+					                       Native_config::context_area_virtual_size())) {
+						add_region(region, _ram_alloc);
+						add_region(region, _core_address_ranges());
+					} else {
+						unmap_local(region.start, size >> get_page_size_log2());
+					}
 					remove_region(region, _io_mem_alloc);
 					remove_region(region, _region_alloc);
 				}