From f9c513d54f5269a016969b9fd75e6d13b8b65440 Mon Sep 17 00:00:00 2001 From: "kaf24@viper.(none)" Date: Sun, 6 Feb 2005 18:49:34 +0000 Subject: [PATCH] bitkeeper revision 1.1159.212.105 (420666bemy1hHhMRPUknF0p3-jxn_w) x86/64 debug builds use guard pages in unallocated heap space and for stack-limit enforcement. Signed-off-by: keir.fraser@cl.cam.ac.uk --- xen/arch/x86/boot/x86_32.S | 2 +- xen/arch/x86/boot/x86_64.S | 2 +- xen/arch/x86/setup.c | 2 +- xen/arch/x86/smpboot.c | 4 +-- xen/arch/x86/x86_32/mm.c | 5 ++++ xen/arch/x86/x86_32/traps.c | 2 ++ xen/arch/x86/x86_64/entry.S | 2 +- xen/arch/x86/x86_64/mm.c | 53 ++++++++++++++++++++++++------------ xen/arch/x86/x86_64/traps.c | 2 ++ xen/include/asm-x86/config.h | 8 ++++++ xen/include/asm-x86/mm.h | 2 ++ xen/include/asm-x86/page.h | 4 +++ xen/include/xen/sched.h | 2 -- 13 files changed, 64 insertions(+), 26 deletions(-) diff --git a/xen/arch/x86/boot/x86_32.S b/xen/arch/x86/boot/x86_32.S index b8cf16dc83..0b15876e96 100644 --- a/xen/arch/x86/boot/x86_32.S +++ b/xen/arch/x86/boot/x86_32.S @@ -169,7 +169,7 @@ ignore_int: /*** STACK LOCATION ***/ ENTRY(stack_start) - .long SYMBOL_NAME(cpu0_stack) + 8100 - __PAGE_OFFSET + .long SYMBOL_NAME(cpu0_stack) + STACK_SIZE - 200 - __PAGE_OFFSET .long __HYPERVISOR_DS /*** DESCRIPTOR TABLES ***/ diff --git a/xen/arch/x86/boot/x86_64.S b/xen/arch/x86/boot/x86_64.S index 2e559afd13..1ff32ba47c 100644 --- a/xen/arch/x86/boot/x86_64.S +++ b/xen/arch/x86/boot/x86_64.S @@ -211,7 +211,7 @@ SYMBOL_NAME(idt): .quad SYMBOL_NAME(idt_table) ENTRY(stack_start) - .quad SYMBOL_NAME(cpu0_stack) + 8000 + .quad SYMBOL_NAME(cpu0_stack) + STACK_SIZE - 200 high_start: .quad __high_start diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index eef2556a76..f8595633cc 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c 
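Review bot: The literal `200` in the new `stack_start` value in xen/arch/x86/boot/x86_32.S (and again in the x86_64.S hunk) is an unexplained top-of-stack reserve, whereas do_boot_cpu in smpboot.c derives the same kind of offset from `STACK_RESERVED`. It also changes the reserve without saying so: assuming 4kB pages and the old two-page `STACK_SIZE`, the previous constants left 92 bytes on x86_32 (8192 - 8100) and 192 bytes on x86_64 (8192 - 8000). If `STACK_RESERVED` cannot be used from assembly, I would at least add `/* 200 = bytes reserved at the top of the stack; keep in step with STACK_RESERVED (smpboot.c) */` above the directive.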
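Review bot: `cpu0_stack + STACK_SIZE - 200` in xen/arch/x86/boot/x86_64.S only stays inside the boot stack if `cpu0_stack` is defined with `STACK_SIZE` bytes, and no hunk in this patch touches that definition. With config.h selecting `STACK_ORDER 2` for x86/64 debug builds, an array still sized for two pages would put the initial stack pointer past its end, and `memguard_guard_stack(cpu0_stack)` would unmap one page beyond it. Please confirm the definition is sized from `STACK_SIZE` and page-aligned, and record that next to the directive, e.g. `/* cpu0_stack is STACK_SIZE bytes, page-aligned */`.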
@@ -360,7 +360,7 @@ static void __init start_of_day(void) #ifdef MEMORY_GUARD /* Unmap the first page of CPU0's stack. */ extern unsigned long cpu0_stack[]; - memguard_guard_range(cpu0_stack, PAGE_SIZE); + memguard_guard_stack(cpu0_stack); #endif open_softirq(NEW_TLBFLUSH_CLOCK_PERIOD_SOFTIRQ, new_tlbflush_clock_period); diff --git a/xen/arch/x86/smpboot.c b/xen/arch/x86/smpboot.c index 55d8917725..fcf7d64646 100644 --- a/xen/arch/x86/smpboot.c +++ b/xen/arch/x86/smpboot.c @@ -675,7 +675,7 @@ static void __init do_boot_cpu (int apicid) /* So we see what's up. */ printk("Booting processor %d/%d eip %lx\n", cpu, apicid, start_eip); - stack = (void *)alloc_xenheap_pages(1); + stack = (void *)alloc_xenheap_pages(STACK_ORDER); #if defined(__i386__) stack_start.esp = __pa(stack) + STACK_SIZE - STACK_RESERVED; #elif defined(__x86_64__) @@ -683,7 +683,7 @@ static void __init do_boot_cpu (int apicid) #endif /* Debug build: detect stack overflow by setting up a guard page. */ - memguard_guard_range(stack, PAGE_SIZE); + memguard_guard_stack(stack); /* * This grunge runs the startup process for diff --git a/xen/arch/x86/x86_32/mm.c b/xen/arch/x86/x86_32/mm.c index b6d26ec8d9..304f6d3188 100644 --- a/xen/arch/x86/x86_32/mm.c +++ b/xen/arch/x86/x86_32/mm.c @@ -532,6 +532,11 @@ static void __memguard_change_range(void *p, unsigned long l, int guard) } } +void memguard_guard_stack(void *p) +{ + memguard_guard_range(p, PAGE_SIZE); +} + void memguard_guard_range(void *p, unsigned long l) { __memguard_change_range(p, l, 1); diff --git a/xen/arch/x86/x86_32/traps.c b/xen/arch/x86/x86_32/traps.c index 5337bf421a..ec11beb5d0 100644 --- a/xen/arch/x86/x86_32/traps.c +++ b/xen/arch/x86/x86_32/traps.c 
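Review bot: The context comment `/* Unmap the first page of CPU0's stack. */` in start_of_day (xen/arch/x86/setup.c) no longer matches the call beneath it. The x86_64 `memguard_guard_stack()` added by this patch skips the first page and unmaps the following two. I would reword it to `/* Guard CPU0's stack against overflow; the unmapped pages are chosen per architecture. */`. The comment in the second smpboot.c hunk (`setting up a guard page`) has drifted in the same way.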
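Review bot: `stack = (void *)alloc_xenheap_pages(STACK_ORDER);` in do_boot_cpu (xen/arch/x86/smpboot.c) is used without a failure check, and the order-2 request that x86/64 debug builds now make is likely harder to satisfy than the old order-1 one. If the allocator can return 0 (not visible in this hunk), the stack pointer is computed from a null base, and the second hunk hands that base to `memguard_guard_stack()`, which edits page-table entries for it. A check right after the allocation, such as `if ( stack == NULL ) panic("No memory for CPU%d stack\n", cpu);`, would fail loudly instead. do_boot_cpu's body starts and ends outside both hunks.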
@@ -149,6 +149,8 @@ asmlinkage void do_double_fault(void) /* Disable the NMI watchdog. It's useless now. */ watchdog_on = 0; + console_force_unlock(); + /* Find information saved during fault and dump it to the console. */ tss = &init_tss[cpu]; printk("CPU: %d\nEIP: %04x:[<%08x>] \nEFLAGS: %08x\n", diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S index 39bfdc92bc..ad1544092b 100644 --- a/xen/arch/x86/x86_64/entry.S +++ b/xen/arch/x86/x86_64/entry.S @@ -133,7 +133,7 @@ ENTRY(double_fault) jmp error_code ENTRY(nmi) - iret + iretq .data diff --git a/xen/arch/x86/x86_64/mm.c b/xen/arch/x86/x86_64/mm.c index 3dede2e8db..bf6927f019 100644 --- a/xen/arch/x86/x86_64/mm.c +++ b/xen/arch/x86/x86_64/mm.c @@ -495,18 +495,19 @@ long do_update_descriptor( #ifdef MEMORY_GUARD -#if 1 - -void *memguard_init(void *heap_start) { return heap_start; } -void memguard_guard_range(void *p, unsigned long l) {} -void memguard_unguard_range(void *p, unsigned long l) {} - -#else - +#define ALLOC_PT(_level) \ +do { \ + (_level) = (_level ## _pgentry_t *)heap_start; \ + heap_start = (void *)((unsigned long)heap_start + PAGE_SIZE); \ + clear_page(_level); \ +} while ( 0 ) void *memguard_init(void *heap_start) { - l1_pgentry_t *l1; - int i, j; + l1_pgentry_t *l1 = NULL; + l2_pgentry_t *l2 = NULL; + l3_pgentry_t *l3 = NULL; + l4_pgentry_t *l4 = &idle_pg_table[l4_table_offset(PAGE_OFFSET)]; + unsigned long i, j; /* Round the allocation pointer up to a page boundary. */ heap_start = (void *)(((unsigned long)heap_start + (PAGE_SIZE-1)) & 
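Review bot: The new `console_force_unlock();` in do_double_fault (xen/arch/x86/x86_32/traps.c, and the matching hunk in x86_64/traps.c) has no comment saying why the lock may be broken at this point. Presumably the fault can arrive while the console lock is held, so the register dump that follows would otherwise hang. A line such as `/* The console lock may be held by the faulting context: break it so the dump below gets out. */` would record that. The function body continues outside the hunk.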
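Review bot: `ALLOC_PT()` in xen/arch/x86/x86_64/mm.c silently reads and advances the caller's local `heap_start`, and the macro stays defined for the rest of the file. I would document that dependency, e.g. `/* Take one zeroed page-table page from heap_start (a local of the caller) and advance it. */`, and add `#undef ALLOC_PT` after memguard_init. Nothing in the macro bounds how far `heap_start` may advance, so the caller has to guarantee room for one L1 page per loop iteration. memguard_init's body continues in the next hunk.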
@@ -515,14 +516,22 @@ void *memguard_init(void *heap_start) /* Memory guarding is incompatible with super pages. */ for ( i = 0; i < (xenheap_phys_end >> L2_PAGETABLE_SHIFT); i++ ) { - l1 = (l1_pgentry_t *)heap_start; - heap_start = (void *)((unsigned long)heap_start + PAGE_SIZE); + ALLOC_PT(l1); for ( j = 0; j < ENTRIES_PER_L1_PAGETABLE; j++ ) l1[j] = mk_l1_pgentry((i << L2_PAGETABLE_SHIFT) | (j << L1_PAGETABLE_SHIFT) | __PAGE_HYPERVISOR); - idle_pg_table[i] = idle_pg_table[i + l2_table_offset(PAGE_OFFSET)] = - mk_l2_pgentry(virt_to_phys(l1) | __PAGE_HYPERVISOR); + if ( !((unsigned long)l2 & (PAGE_SIZE-1)) ) + { + ALLOC_PT(l2); + if ( !((unsigned long)l3 & (PAGE_SIZE-1)) ) + { + ALLOC_PT(l3); + *l4++ = mk_l4_pgentry(virt_to_phys(l3) | __PAGE_HYPERVISOR); + } + *l3++ = mk_l3_pgentry(virt_to_phys(l2) | __PAGE_HYPERVISOR); + } + *l2++ = mk_l2_pgentry(virt_to_phys(l1) | __PAGE_HYPERVISOR); } return heap_start; @@ -532,6 +541,8 @@ static void __memguard_change_range(void *p, unsigned long l, int guard) { l1_pgentry_t *l1; l2_pgentry_t *l2; + l3_pgentry_t *l3; + l4_pgentry_t *l4; unsigned long _p = (unsigned long)p; unsigned long _l = (unsigned long)l; @@ -543,8 +554,10 @@ static void __memguard_change_range(void *p, unsigned long l, int guard) while ( _l != 0 ) { - l2 = &idle_pg_table[l2_table_offset(_p)]; - l1 = l2_pgentry_to_l1(*l2) + l1_table_offset(_p); + l4 = &idle_pg_table[l4_table_offset(_p)]; + l3 = l4_pgentry_to_l3(*l4) + l3_table_offset(_p); + l2 = l3_pgentry_to_l2(*l3) + l2_table_offset(_p); + l1 = l2_pgentry_to_l1(*l2) + l1_table_offset(_p); if ( guard ) *l1 = mk_l1_pgentry(l1_pgentry_val(*l1) & ~_PAGE_PRESENT); else @@ -554,6 +567,12 @@ static void __memguard_change_range(void *p, unsigned long l, int guard) } } +void memguard_guard_stack(void *p) +{ + p = (void *)((unsigned long)p + PAGE_SIZE); + memguard_guard_range(p, 2 * PAGE_SIZE); +} + void memguard_guard_range(void *p, unsigned long l) { __memguard_change_range(p, l, 1); 
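Review bot: In memguard_init's loop (xen/arch/x86/x86_64/mm.c), `*l4++ = mk_l4_pgentry(virt_to_phys(l3) | __PAGE_HYPERVISOR);` runs on the first iteration, so the PAGE_OFFSET slot of idle_pg_table points at a freshly cleared L3 while only the first L1 table's worth of memory has been re-mapped. If idle_pg_table is live at this point and heap_start is reached through that slot (neither is visible here), every later `ALLOC_PT` depends on cached translations surviving. No flush is visible before `return heap_start;`, so old large-page translations could also outlive the 4kB mappings that guarding relies on. I would build the L3/L2/L1 pages first, store the L4 entry after the loop and follow it with a local TLB flush. Failing that, state the assumption in a comment such as `/* Live L4 slot is swapped at i == 0; relies on cached translations until the loop completes. */`.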
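Review bot: The new four-level walk in __memguard_change_range follows `*l4`, `*l3` and `*l2` without checking that each entry is present or, for the L2 entry, that it points at an L1 table rather than a large page. For an address outside the range memguard_init re-mapped, the walk would treat unrelated bits as a table pointer and then write a modified entry through it. Debug-only assertions before each step, e.g. `ASSERT(l2_pgentry_val(*l2) & _PAGE_PRESENT);` and the equivalent for L3 and L4, would turn that into an immediate, attributable failure. The function starts before this hunk and the tail of its loop is outside it.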
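Review bot: memguard_guard_stack() in xen/arch/x86/x86_64/mm.c hard-codes a four-page layout (it skips one page and unmaps the next two), but nothing ties that to `STACK_ORDER`, which config.h sets to 2 only inside the `#ifndef NDEBUG` / `__x86_64__` block. If the two ever diverge, the second unmapped page would lie outside a two-page stack allocation. I would add `#if STACK_ORDER != 2`, `#error "memguard_guard_stack() assumes a four-page stack"`, `#endif` above the function. It also needs a comment saying what the still-mapped first page is used for, which the patch does not explain.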
@@ -566,5 +585,3 @@ void memguard_unguard_range(void *p, unsigned long l) } #endif - -#endif diff --git a/xen/arch/x86/x86_64/traps.c b/xen/arch/x86/x86_64/traps.c index 891175e007..1460058f5e 100644 --- a/xen/arch/x86/x86_64/traps.c +++ b/xen/arch/x86/x86_64/traps.c @@ -138,6 +138,8 @@ asmlinkage void do_double_fault(struct xen_regs *regs) /* Disable the NMI watchdog. It's useless now. */ watchdog_on = 0; + console_force_unlock(); + /* Find information saved during fault and dump it to the console. */ printk("************************************\n"); printk("EIP: %04lx:[<%p>] \nEFLAGS: %p\n", diff --git a/xen/include/asm-x86/config.h b/xen/include/asm-x86/config.h index 5080fd621d..78fd023a76 100644 --- a/xen/include/asm-x86/config.h +++ b/xen/include/asm-x86/config.h @@ -83,7 +83,15 @@ #ifndef NDEBUG #define MEMORY_GUARD +#ifdef __x86_64__ +#define STACK_ORDER 2 #endif +#endif + +#ifndef STACK_ORDER +#define STACK_ORDER 1 +#endif +#define STACK_SIZE (PAGE_SIZE << STACK_ORDER) #ifndef __ASSEMBLY__ extern unsigned long _end; /* standard ELF symbol */ diff --git a/xen/include/asm-x86/mm.h b/xen/include/asm-x86/mm.h index a10fa83ae9..a16a005fb5 100644 --- a/xen/include/asm-x86/mm.h +++ b/xen/include/asm-x86/mm.h @@ -250,10 +250,12 @@ void synchronise_pagetables(unsigned long cpu_mask); #ifdef MEMORY_GUARD void *memguard_init(void *heap_start); +void memguard_guard_stack(void *p); void memguard_guard_range(void *p, unsigned long l); void memguard_unguard_range(void *p, unsigned long l); #else #define memguard_init(_s) (_s) +#define memguard_guard_stack(_p) ((void)0) #define memguard_guard_range(_p,_l) ((void)0) #define memguard_unguard_range(_p,_l) ((void)0) #endif diff --git a/xen/include/asm-x86/page.h b/xen/include/asm-x86/page.h index 50a4f15b87..06346dc9d9 100644 --- a/xen/include/asm-x86/page.h +++ b/xen/include/asm-x86/page.h 
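Review bot: The new `STACK_ORDER` block in xen/include/asm-x86/config.h does not say what the extra pages are for, and the layout has a non-obvious consequence. Going by the x86_64 memguard_guard_stack() in this patch, a debug build's four-page stack keeps only its top page above the guard, so the usable primary stack is smaller than the two pages a non-debug build gets. I would add `/* x86/64 debug: four pages; memguard_guard_stack() unmaps pages 1-2, leaving the top page as primary stack. */` above `#define STACK_ORDER 2`. Labelling the two nested `#endif` lines (`/* __x86_64__ */`, `/* !NDEBUG */`) would also help.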
@@ -34,7 +34,11 @@ #endif #define PAGE_SHIFT L1_PAGETABLE_SHIFT +#ifndef __ASSEMBLY__ #define PAGE_SIZE (1UL << PAGE_SHIFT) +#else +#define PAGE_SIZE (1 << PAGE_SHIFT) +#endif #define PAGE_MASK (~(PAGE_SIZE-1)) #define clear_page(_p) memset((void *)(_p), 0, PAGE_SIZE) diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h index be6470c66f..4381799d89 100644 --- a/xen/include/xen/sched.h +++ b/xen/include/xen/sched.h @@ -3,8 +3,6 @@ #ifndef __SCHED_H__ #define __SCHED_H__ -#define STACK_SIZE (2*PAGE_SIZE) - #include #include #include -- 2.30.2
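Review bot: The `__ASSEMBLY__` variant `#define PAGE_SIZE (1 << PAGE_SHIFT)` in xen/include/asm-x86/page.h carries no explanation of why it differs from the C definition. Presumably it exists because the assembler does not accept the `UL` suffix, which matters now that the boot `.S` files use `STACK_SIZE`. A one-line comment such as `/* No UL suffix: this form is also parsed by the assembler. */` on the `#else` branch would keep someone from merging the two definitions again.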