mmu: don't pass really bad faults to the application

Trying to execute the null pointer, or faults within the kernel code, are a really bad sign and it's better to abort early with them.

mmu: don't pass really bad faults to the application
6f464e76 · Avi Kivity · 0affe14a · 6f464e76 · 6f464e76
Commit 6f464e76 authored 11 years ago by Avi Kivity
--- a/arch/x64/loader.ld
+++ b/arch/x64/loader.ld
@@ -11,11 +11,13 @@ SECTIONS
    . = 0x201000;
    .dynamic : { *(.dynamic) } :dynamic :text
    .text : {
+        text_start = .;
        *(.text.hot .text.hot.*)
        *(.text.unlikely .text.*_unlikely)
        *(.text.fixup)
        *(.text.startup .text.startup.*)
        *(.text .text.*)
+        text_end = .;
    } :text
    . = ALIGN(8);
    .fixup : {

--- a/core/mmu.cc
+++ b/core/mmu.cc
@@ -868,10 +868,18 @@ void switch_to_runtime_page_table()
 void page_fault(exception_frame *ef)
 {
+    extern const char text_start[], text_end[];
    sched::exception_guard g;
    auto addr = processor::read_cr2();
    if (fixup_fault(ef)) {
        return;
    }
+    auto pc = reinterpret_cast<void*>(ef->rip);
+    if (!pc) {
+        abort("trying to execute null pointer");
+    }
+    if (pc >= text_start && pc < text_end) {
+        abort("page fault outside application");
+    }
    osv::handle_segmentation_fault(addr, ef);
 }