author | kib <kib@FreeBSD.org> | 2011-10-03 17:01:31 +0000 |
---|---|---|
committer | kib <kib@FreeBSD.org> | 2011-10-03 17:01:31 +0000 |
commit | fa5272165dcca2593d6249d2fb2707cab94648e6 (patch) | |
tree | 2f1498ede3d8fc07131e1ed25b92cbf310d811cb /sys/amd64 | |
parent | b0ea63c19aa5ec79a2213d4e275392f42035ac49 (diff) | |
download | FreeBSD-src-fa5272165dcca2593d6249d2fb2707cab94648e6.zip FreeBSD-src-fa5272165dcca2593d6249d2fb2707cab94648e6.tar.gz |
Do not allow the kernel to access usermode pages without installed
fault handler. Panic immediately in such situation, on i386 and amd64.
Reviewed by: avg, jhb
MFC after: 1 week
Diffstat (limited to 'sys/amd64')
-rw-r--r-- | sys/amd64/amd64/trap.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/sys/amd64/amd64/trap.c b/sys/amd64/amd64/trap.c
index 16f151f..9c72a69 100644
--- a/sys/amd64/amd64/trap.c
+++ b/sys/amd64/amd64/trap.c
@@ -674,6 +674,19 @@ trap_pfault(frame, usermode)
 goto nogo;
 map = &vm->vm_map;
+
+ /*
+ * When accessing a usermode address, kernel must be
+ * ready to accept the page fault, and provide a
+ * handling routine. Since accessing the address
+ * without the handler is a bug, do not try to handle
+ * it normally, and panic immediately.
+ */
+ if (!usermode && (td->td_intr_nesting_level != 0 ||
+ PCPU_GET(curpcb)->pcb_onfault == NULL)) {
+ trap_fatal(frame, eva);
+ return (-1);
+ }
 }
 /* |
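Review bot: The added comment justifies only the `pcb_onfault == NULL` half of the condition; the `td->td_intr_nesting_level != 0` term, which sends the fault to `trap_fatal()` even when a handler is installed, is left unexplained. I would add a line such as `* A fault taken with a non-zero interrupt nesting level is fatal even if a handler is installed.` so a later reader does not drop that term as redundant. The comment could also say why normal handling is unsafe here: as far as the hunk shows, `map` has just been set to the process's `vm_map`, so a stray kernel dereference of a user address would otherwise be satisfied from user-controlled mappings instead of being caught. The `return (-1)` after `trap_fatal()` is presumably reached only if that call returns, which deserves a short remark as well; `trap_pfault()` begins and ends outside the hunk.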