From 3aaeff483bfea969c4f056646fdd29045cc95891 Mon Sep 17 00:00:00 2001
From: Conrad Pankoff
Date: Tue, 24 Dec 2019 11:01:23 +1100
Subject: [PATCH] Kernel: Add a size argument to validate_read_from_kernel

---
 Kernel/KSyms.cpp   | 4 ++--
 Kernel/Process.cpp | 4 ++--
 Kernel/Process.h   | 2 +-
 Kernel/Thread.cpp  | 4 ++--
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/Kernel/KSyms.cpp b/Kernel/KSyms.cpp
index 465f7fcfdb..55464d3274 100644
--- a/Kernel/KSyms.cpp
+++ b/Kernel/KSyms.cpp
@@ -104,12 +104,12 @@ static void load_ksyms_from_data(const ByteBuffer& buffer)
     RecognizedSymbol recognized_symbols[max_recognized_symbol_count];
     int recognized_symbol_count = 0;
     if (use_ksyms) {
-        for (u32* stack_ptr = (u32*)ebp; current->process().validate_read_from_kernel(VirtualAddress((u32)stack_ptr)) && recognized_symbol_count < max_recognized_symbol_count; stack_ptr = (u32*)*stack_ptr) {
+        for (u32* stack_ptr = (u32*)ebp; current->process().validate_read_from_kernel(VirtualAddress((u32)stack_ptr), sizeof(void*) * 2) && recognized_symbol_count < max_recognized_symbol_count; stack_ptr = (u32*)*stack_ptr) {
             u32 retaddr = stack_ptr[1];
             recognized_symbols[recognized_symbol_count++] = { retaddr, ksymbolicate(retaddr) };
         }
     } else {
-        for (u32* stack_ptr = (u32*)ebp; current->process().validate_read_from_kernel(VirtualAddress((u32)stack_ptr)); stack_ptr = (u32*)*stack_ptr) {
+        for (u32* stack_ptr = (u32*)ebp; current->process().validate_read_from_kernel(VirtualAddress((u32)stack_ptr), sizeof(void*) * 2); stack_ptr = (u32*)*stack_ptr) {
             u32 retaddr = stack_ptr[1];
             dbgprintf("%x (next: %x)\n", retaddr, stack_ptr ? (u32*)*stack_ptr : 0);
         }
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index 69dfc37575..30d223fb6a 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
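Review bot: The size passed in both new `for` conditions, `sizeof(void*) * 2`, is not tied to the type the loop actually dereferences; the body reads `*stack_ptr` and `stack_ptr[1]` through a `u32*`, so `2 * sizeof(*stack_ptr)` (or one shared named constant such as `static constexpr ssize_t stack_frame_bytes = 2 * sizeof(u32);`) keeps the validated range equal to what is read if the pointer type ever changes. The same literal expression is now repeated at five call sites, the two here plus the walkers in the Thread.cpp hunks (backtrace_impl and raw_backtrace), which is where a constant would pay off. Separately, the `else` branch loop has no frame-count bound, so a saved frame pointer that points at itself or back to an earlier readable frame passes the new check on every iteration and the walk never terminates; the ksyms branch is bounded only by `max_recognized_symbol_count`, and raw_backtrace in Thread.cpp appends to its Vector with no bound at all. The function enclosing these two loops starts and ends outside the hunk.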
@@ -1896,7 +1896,7 @@ static KernelMemoryCheckResult check_kernel_memory_access(VirtualAddress vaddr,
     return KernelMemoryCheckResult::NotInsideKernelMemory;
 }
 
-bool Process::validate_read_from_kernel(VirtualAddress vaddr) const
+bool Process::validate_read_from_kernel(VirtualAddress vaddr, ssize_t size) const
 {
     if (vaddr.is_null())
         return false;
@@ -1909,7 +1909,7 @@ bool Process::validate_read_from_kernel(VirtualAddress vaddr) const
         return false;
     if (is_kmalloc_address(vaddr.as_ptr()))
         return true;
-    return validate_read(vaddr.as_ptr(), 1);
+    return validate_read(vaddr.as_ptr(), size);
 }
 
 bool Process::validate_read_str(const char* str)
diff --git a/Kernel/Process.h b/Kernel/Process.h
index acfb901266..468157750f 100644
--- a/Kernel/Process.h
+++ b/Kernel/Process.h
@@ -255,7 +255,7 @@ public:
     u32 m_ticks_in_user_for_dead_children { 0 };
     u32 m_ticks_in_kernel_for_dead_children { 0 };
 
-    bool validate_read_from_kernel(VirtualAddress) const;
+    bool validate_read_from_kernel(VirtualAddress, ssize_t) const;
     bool validate_read(const void*, ssize_t) const;
     bool validate_write(void*, ssize_t) const;
 
diff --git a/Kernel/Thread.cpp b/Kernel/Thread.cpp
index f07b4b2d6b..35f9366894 100644
--- a/Kernel/Thread.cpp
+++ b/Kernel/Thread.cpp
@@ -708,7 +708,7 @@ String Thread::backtrace_impl() const
     StringBuilder builder;
     Vector recognized_symbols;
     recognized_symbols.append({ tss().eip, ksymbolicate(tss().eip) });
-    for (u32* stack_ptr = (u32*)frame_ptr(); process.validate_read_from_kernel(VirtualAddress((u32)stack_ptr)); stack_ptr = (u32*)*stack_ptr) {
+    for (u32* stack_ptr = (u32*)frame_ptr(); process.validate_read_from_kernel(VirtualAddress((u32)stack_ptr), sizeof(void*) * 2); stack_ptr = (u32*)*stack_ptr) {
         u32 retaddr = stack_ptr[1];
         recognized_symbols.append({ retaddr, ksymbolicate(retaddr) });
     }
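Review bot: In the second Process.cpp hunk the new `size` argument only reaches the final `validate_read(vaddr.as_ptr(), size)` call; the `is_kmalloc_address(vaddr.as_ptr())` early return two lines above still inspects only the first byte, so a range that starts inside kmalloc memory but ends outside it is reported readable for its full length. The early return should cover the last byte as well, e.g. `if (size <= 0) return false;` next to the existing null check and `if (is_kmalloc_address(vaddr.as_ptr()) && is_kmalloc_address(vaddr.offset(size - 1).as_ptr()))` (VirtualAddress::offset, or equivalent pointer arithmetic) for the kmalloc test. Lines 1904-1908 of the function lie between the two hunks and are not visible here, so whether the kernel-memory-range check there was given the same end-of-range treatment cannot be confirmed; it presumably needs it too. Since the Process.h declaration leaves both parameters unnamed, a one-line comment on it stating that the second argument is the number of bytes that must be readable starting at the address would document the new contract.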
@@ -738,7 +738,7 @@ Vector Thread::raw_backtrace(u32 ebp) const
     ProcessPagingScope paging_scope(process);
     Vector backtrace;
     backtrace.append(ebp);
-    for (u32* stack_ptr = (u32*)ebp; process.validate_read_from_kernel(VirtualAddress((u32)stack_ptr)); stack_ptr = (u32*)*stack_ptr) {
+    for (u32* stack_ptr = (u32*)ebp; process.validate_read_from_kernel(VirtualAddress((u32)stack_ptr), sizeof(void*) * 2); stack_ptr = (u32*)*stack_ptr) {
         u32 retaddr = stack_ptr[1];
         backtrace.append(retaddr);
     }