kernel: Zero out allocated memory for userspace to avoid leaking sensitive data
apio 2023-04-17 20:11:07 +02:00
parent b2fe1f45ef
commit 95659639e5
Signed by: apio
GPG Key ID: B8A7D06E42258954
4 changed files with 15 additions and 2 deletions


@ -101,7 +101,7 @@ namespace ELFLoader
if (can_execute_segment(program_header.p_flags)) flags &= ~MMU::NoExecute;
// Allocate physical memory for the segment
TRY(MemoryManager::alloc_at(
TRY(MemoryManager::alloc_at_zeroed(
base_vaddr, get_blocks_from_size(program_header.p_memsz + vaddr_diff, ARCH_PAGE_SIZE), flags));
// Load the file section of the segment


@ -261,6 +261,18 @@ namespace MemoryManager
return start;
}
Result<u64> alloc_at_zeroed(u64 virt, usize count, int flags)
{
u64 address = TRY(alloc_at(virt, count, MMU::ReadWrite));
memset((void*)address, 0, count * ARCH_PAGE_SIZE);
remap(address, count, flags)
.expect_value("Wait... we just mapped something but it doesn't exist anymore? Confused.");
return address;
}
Result<u64> alloc_for_kernel(usize count, int flags)
{
const u64 start = TRY(KernelVM::alloc_several_pages(count));
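Review bot: A failing `remap()` in `alloc_at_zeroed` takes the whole kernel down through `expect_value()`, whereas the `alloc_at` call just above it propagates its error with `TRY`. Both callers changed in this commit (the ELF loader and `create_stacks`) already handle a `Result`, so `TRY(remap(address, count, flags));` would fit, with the freshly allocated pages released first so the error path does not leak them; `unmap_owned` is used that way in `create_stacks`. The conditions under which `remap` can fail are not visible here, so the panic may be unreachable in practice. Separately, the temporary mapping deliberately uses `MMU::ReadWrite` instead of the caller's flags, and that ordering is the security-relevant part; a comment such as `// Map kernel-only and writable first so the pages are never user-visible before they are cleared.` would stop a later cleanup from collapsing the two steps.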


@ -59,6 +59,7 @@ namespace MemoryManager
Result<void> map_huge_frames_at(u64 virt, u64 phys, usize count, int flags);
Result<u64> alloc_at(u64 virt, usize count, int flags);
Result<u64> alloc_at_zeroed(u64, usize count, int flags);
Result<u64> alloc_for_kernel(usize count, int flags);
Result<u64> get_kernel_mapping_for_frames(u64 phys, usize count, int flags);
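Review bot: The new declaration leaves its first parameter unnamed (`u64`), while `alloc_at` directly above names it `virt`; `Result<u64> alloc_at_zeroed(u64 virt, usize count, int flags);` would keep the two in step. A short comment on the declaration would also help callers choose between them, for example `// Like alloc_at(), but clears the pages before applying flags; use for any mapping userspace can read.` Callers of `alloc_at` outside the four files in this commit are not visible here, so it is worth checking whether any of them still hand out `MMU::User` pages without clearing them.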


@ -7,7 +7,7 @@ static Result<void> create_stacks(Stack& user_stack, Stack& kernel_stack)
{
const u64 THREAD_STACK_BASE = 0x10000;
TRY(MemoryManager::alloc_at(THREAD_STACK_BASE, 4, MMU::ReadWrite | MMU::NoExecute | MMU::User));
TRY(MemoryManager::alloc_at_zeroed(THREAD_STACK_BASE, 4, MMU::ReadWrite | MMU::NoExecute | MMU::User));
auto guard = make_scope_guard([&] { MemoryManager::unmap_owned(THREAD_STACK_BASE, 4); });