LadybirdBrowser/ladybird
1
1
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-09-20 17:58:18 +03:00
Code Issues Packages Projects Releases Wiki Activity
c9a5253ac2
ladybird/Kernel/VM/PageDirectory.cpp
Andreas Kling 2d1bcce34a Kernel: Fix triple-fault when clicking on SystemServer in SystemMonitor 
The fault was happening when retrieving a current backtrace for the
SystemServer process.

To generate a backtrace, we go into the paging scope of the process,
meaning we temporarily switch to using its page directory as our own.

Because kernel VM is allocated on demand, it's possible for a process's
mappings above the 3GB mark to be out-of-date. Normally this just gets
fixed up transparently by the page fault handler (which simply copies
the PDE from the canonical MM.kernel_page_directory() into the current
process.)

However, if the current kernel *stack* is in a piece of memory that
the backtraced process lacks up-to-date PDE's for, we still get a page
fault, but are unable to handle it, since the CPU wants to push to the
stack as part of calling the page fault handler. So we're screwed and
it's a triple-fault.

Fix this by always updating the kernel VM mappings before switching
into a paging scope. In practical terms, this is a 1KB memcpy() that
happens when generating a backtrace, or doing exec().
2019-11-27 12:40:42 +01:00

68 lines
2.1 KiB
C++
Raw Blame History

#include <Kernel/Process.h>
#include <Kernel/Thread.h>
#include <Kernel/VM/MemoryManager.h>
#include <Kernel/VM/PageDirectory.h>
static const u32 userspace_range_base = 0x01000000;
static const u32 kernelspace_range_base = 0xc0000000;
static HashMap<u32, PageDirectory*>& pdb_map()
{
ASSERT_INTERRUPTS_DISABLED();
static HashMap<u32, PageDirectory*>* map;
if (!map)
map = new HashMap<u32, PageDirectory*>;
return *map;
}
RefPtr<PageDirectory> PageDirectory::find_by_pdb(u32 pdb)
{
InterruptDisabler disabler;
return pdb_map().get(pdb).value_or({});
}
PageDirectory::PageDirectory(PhysicalAddress paddr)
: m_range_allocator(VirtualAddress(0xc0000000), 0x3f000000)
{
m_directory_page = PhysicalPage::create(paddr, true, false);
InterruptDisabler disabler;
pdb_map().set(m_directory_page->paddr().get(), this);
}
PageDirectory::PageDirectory(Process& process, const RangeAllocator* parent_range_allocator)
: m_process(&process)
, m_range_allocator(parent_range_allocator ? RangeAllocator(*parent_range_allocator) : RangeAllocator(VirtualAddress(userspace_range_base), kernelspace_range_base - userspace_range_base))
{
MM.populate_page_directory(*this);
InterruptDisabler disabler;
pdb_map().set(m_directory_page->paddr().get(), this);
}
PageDirectory::~PageDirectory()
{
#ifdef MM_DEBUG
dbgprintf("MM: ~PageDirectory K%x\n", this);
#endif
InterruptDisabler disabler;
pdb_map().remove(m_directory_page->paddr().get());
}
void PageDirectory::flush(VirtualAddress vaddr)
{
#ifdef MM_DEBUG
dbgprintf("MM: Flush page V%p\n", vaddr.get());
#endif
if (!current)
return;
if (this == &MM.kernel_page_directory() || &current->process().page_directory() == this)
MM.flush_tlb(vaddr);
}
void PageDirectory::update_kernel_mappings()
{
// This ensures that the kernel virtual address space is up-to-date in this page directory.
// This may be necessary to avoid triple faulting when entering a process's paging scope
// whose mappings are out-of-date.
memcpy(entries() + 768, MM.kernel_page_directory().entries() + 768, sizeof(PageDirectoryEntry) * 256);
}
Reference in New Issue View Git Blame Copy Permalink