From 6f464e76cf5dd2c3fbb6b7ea84d00e21ee88cdbf Mon Sep 17 00:00:00 2001
From: Avi Kivity <avi@cloudius-systems.com>
Date: Mon, 26 Aug 2013 16:18:24 +0300
Subject: [PATCH] mmu: don't pass really bad faults to the application

Trying to execute the null pointer, or faults within the kernel code, are
a really bad sign and it's better to abort early with them.
---
 arch/x64/loader.ld | 2 ++
 core/mmu.cc        | 8 ++++++++
 2 files changed, 10 insertions(+)

diff --git a/arch/x64/loader.ld b/arch/x64/loader.ld
index 78b25279a..121edec27 100644
--- a/arch/x64/loader.ld
+++ b/arch/x64/loader.ld
@@ -11,11 +11,13 @@ SECTIONS
     . = 0x201000;
     .dynamic : { *(.dynamic) } :dynamic :text
     .text : {
+        text_start = .;
         *(.text.hot .text.hot.*)
         *(.text.unlikely .text.*_unlikely)
         *(.text.fixup)
         *(.text.startup .text.startup.*)
         *(.text .text.*)
+        text_end = .;
     } :text
     . = ALIGN(8);
     .fixup : {
diff --git a/core/mmu.cc b/core/mmu.cc
index 465caca25..97378b03c 100644
--- a/core/mmu.cc
+++ b/core/mmu.cc
@@ -868,10 +868,18 @@ void switch_to_runtime_page_table()
 
 void page_fault(exception_frame *ef)
 {
+    extern const char text_start[], text_end[];
     sched::exception_guard g;
     auto addr = processor::read_cr2();
     if (fixup_fault(ef)) {
         return;
     }
+    auto pc = reinterpret_cast<void*>(ef->rip);
+    if (!pc) {
+        abort("trying to execute null pointer");
+    }
+    if (pc >= text_start && pc < text_end) {
+        abort("page fault outside application");
+    }
     osv::handle_segmentation_fault(addr, ef);
 }
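Review bot: The range check at `if (pc >= text_start && pc < text_end)` compares a `void*` against `const char*`, and relational comparison of pointers into different objects is unspecified in C++; the faulting address is already an integer in `ef->rip`, so the test is cleaner and fully defined on integers. Keep `rip` unconverted and compare against the symbol addresses instead, e.g. `const auto text_lo = reinterpret_cast<uintptr_t>(text_start);`, `const auto text_hi = reinterpret_cast<uintptr_t>(text_end);`, `if (ef->rip >= text_lo && ef->rip < text_hi) { abort("page fault outside application"); }`, with the null check as `if (ef->rip == 0)`; this also drops the `reinterpret_cast<void*>` entirely. Ordering the new checks after `fixup_fault(ef)` is right, since legitimate kernel-side faults with a fixup entry must not trigger the abort. For post-mortem diagnosis it would help if both abort messages carried the faulting `rip` and `addr` (cr2), assuming this `abort` accepts printf-style arguments; otherwise a short comment above the range check, `// a fault whose rip lies in kernel .text has no fixup entry and cannot be an application fault: abort rather than deliver SIGSEGV`, records why the two cases are fatal.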
-- 
GitLab