Process: check source/target overlap for Map/Unmap

This commit is contained in:
Weiyi Wang 2018-11-11 12:38:52 -05:00
parent 3db8915356
commit 29ade3e610

View file

@ -321,16 +321,22 @@ ResultCode Process::Map(VAddr target, VAddr source, u32 size, VMAPermission perm
return ERR_INVALID_ADDRESS_STATE; return ERR_INVALID_ADDRESS_STATE;
} }
if (source == target) { // Check range overlapping
if (source - target < size || target - source < size) {
if (privileged) { if (privileged) {
// privileged Map allows identical source and target address, which simply changes the if (source == target) {
// state and the permission of the memory // privileged Map allows identical source and target address, which simply changes
// the state and the permission of the memory
return vm_manager.ChangeMemoryState(source, size, MemoryState::Private, return vm_manager.ChangeMemoryState(source, size, MemoryState::Private,
VMAPermission::ReadWrite, MemoryState::AliasCode, VMAPermission::ReadWrite,
perms); MemoryState::AliasCode, perms);
} else {
return ERR_INVALID_ADDRESS;
} }
} else {
return ERR_INVALID_ADDRESS_STATE; return ERR_INVALID_ADDRESS_STATE;
} }
}
MemoryState source_state = privileged ? MemoryState::Locked : MemoryState::Aliased; MemoryState source_state = privileged ? MemoryState::Locked : MemoryState::Aliased;
MemoryState target_state = privileged ? MemoryState::AliasCode : MemoryState::Alias; MemoryState target_state = privileged ? MemoryState::AliasCode : MemoryState::Alias;
@ -367,15 +373,21 @@ ResultCode Process::Unmap(VAddr target, VAddr source, u32 size, VMAPermission pe
// TODO(wwylele): check that the source and the target are actually a pair created by Map // TODO(wwylele): check that the source and the target are actually a pair created by Map
// Should return error 0xD8E007F5 in this case // Should return error 0xD8E007F5 in this case
if (source == target) { if (source - target < size || target - source < size) {
if (privileged) { if (privileged) {
if (source == target) {
// privileged Unmap allows identical source and target address, which simply changes // privileged Unmap allows identical source and target address, which simply changes
// the state and the permission of the memory // the state and the permission of the memory
return vm_manager.ChangeMemoryState(source, size, MemoryState::AliasCode, return vm_manager.ChangeMemoryState(source, size, MemoryState::AliasCode,
VMAPermission::None, MemoryState::Private, perms); VMAPermission::None, MemoryState::Private,
perms);
} else {
return ERR_INVALID_ADDRESS;
} }
} else {
return ERR_INVALID_ADDRESS_STATE; return ERR_INVALID_ADDRESS_STATE;
} }
}
MemoryState source_state = privileged ? MemoryState::Locked : MemoryState::Aliased; MemoryState source_state = privileged ? MemoryState::Locked : MemoryState::Aliased;