ref: fc7f6f8e99d9db307883448a49a1e3d6243d04cf
parent: 0fdb1578ef610846a231036d74b65716e75f6927
author: mischief <mischief@offblast.org>
date: Thu Feb 6 13:03:17 EST 2014
pc64: ensure user pc is never set to a non-canonical address through setregisters. on intel processors, a general protection exception is fired if a non-canonical address is loaded into PC during SYSRET. this will cause the kernel to panic. see http://www.kb.cert.org/vuls/id/649219 and the intel software developer manual for more information.
--- a/sys/src/9/pc64/mem.h
+++ b/sys/src/9/pc64/mem.h
@@ -44,9 +44,10 @@
* Address spaces. User:
*/
#define UTZERO (0x0000000000200000ull) /* first address in user text */
+#define UADDRMASK (0x00007fffffffffffull) /* canonical address mask */
#define TSTKTOP (0x00007ffffffff000ull)
-#define USTKSIZE (16*MiB) /* size of user stack */
-#define USTKTOP (TSTKTOP-USTKSIZE) /* end of new stack in sysexec */
+#define USTKSIZE (16*MiB) /* size of user stack */
+#define USTKTOP (TSTKTOP-USTKSIZE) /* end of new stack in sysexec */
/*
* Address spaces. Kernel, sorted by address.
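Review bot: The comment on the new `UADDRMASK` define, "canonical address mask", is imprecise. The value 0x00007fffffffffff keeps bits 0-46 only, so it selects the lower (user) canonical half and folds an upper-half canonical address into user space as well. Something like `/* keeps bits 0-46: forces an address into the lower (user) canonical half */` would tell a later reader that this is a user-address clamp, not a general canonicality test. The constant also assumes 48-bit virtual addressing, which is worth stating next to it.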
--- a/sys/src/9/pc64/trap.c
+++ b/sys/src/9/pc64/trap.c
@@ -992,6 +992,7 @@
if(ureg->gs != UDSEL)
ureg->gs = 0;
ureg->flags = (ureg->flags & 0x00ff) | (flags & 0xff00);
+ ureg->pc &= UADDRMASK;
}
static void
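Review bot: The added `ureg->pc &= UADDRMASK;` has no comment, and it silently rewrites a bad pc into a different user address instead of reporting it, so a process that supplies a non-canonical pc resumes somewhere unrelated with no sign of why. At minimum the reason should sit on the line, e.g. `/* SYSRET faults in the kernel on a non-canonical pc (intel); keep pc in the user half */`. The enclosing function starts outside this hunk. From here it is not visible whether every path that loads a user-supplied pc before returning to user mode goes through this function, so that should be confirmed. Any path that bypasses it would still need the same clamp or an IRET-based return.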