Kernel: Prevent executing I/O instructions in userspace
All threads were running with iomapbase=0 in their TSS, which the CPU interprets as "there's an I/O permission bitmap starting at offset 0 into my TSS". Because of that, any bits that were 1 inside the TSS would allow the thread to execute I/O instructions on the port with that bit index. Fix this by always setting the iomapbase to sizeof(TSS32), and also setting the TSS descriptor's limit to sizeof(TSS32), effectively making the I/O permissions bitmap zero-length. This should make it no longer possible to do I/O from userspace. :^)
Showing with 21 additions and 6 deletions.
- +1 −0 Base/usr/share/man/man1/crash.md
- +2 −0 Kernel/Process.cpp
- +4 −4 Kernel/Scheduler.cpp
- +1 −0 Kernel/Thread.cpp
- +13 −2 Userland/crash.cpp
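
The I/O permission check that the commit message above relies on, as a simplified C model added here (not code from this commit or its project). It follows the x86 rule that the CPU consults the bitmap when CPL > IOPL and that a clear bit permits the port; the 104-byte TSS size, the "before" limit of 103 and the sample TSS bytes are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TSS32_SIZE 104 /* assumption: standard 32-bit TSS layout */

/* Model of the check made for IN/OUT when CPL > IOPL.
 * tss: raw TSS bytes, limit: TSS descriptor limit (last valid offset),
 * iomapbase: value of the TSS field. Returns 1 if the access is permitted. */
static int io_access_allowed(const uint8_t *tss, uint32_t limit,
                             uint16_t iomapbase, uint16_t port, unsigned width)
{
    if (iomapbase >= limit)
        return 0; /* no bitmap at all: every port access faults */
    uint32_t off = (uint32_t)iomapbase + port / 8;
    if (off + 1 > limit)
        return 0; /* the CPU reads two bytes; both must lie inside the limit */
    uint16_t bits = (uint16_t)(tss[off] | (tss[off + 1] << 8));
    uint16_t mask = (uint16_t)(((1u << width) - 1) << (port % 8));
    return (bits & mask) == 0; /* every covered bit must be clear */
}

static uint8_t sample_tss[TSS32_SIZE + 1];

/* Constructed TSS: zero-filled except esp0 = 0xc0123000 and ss0 = 0x10. */
static void build_sample_tss(void)
{
    memset(sample_tss, 0, sizeof sample_tss);
    sample_tss[5] = 0x30; sample_tss[6] = 0x12; sample_tss[7] = 0xc0;
    sample_tss[8] = 0x10;
}

/* Before: iomapbase = 0, so ordinary TSS fields are read as the bitmap. */
int before_fix(uint16_t port)
{
    build_sample_tss();
    return io_access_allowed(sample_tss, TSS32_SIZE - 1, 0, port, 1);
}

/* After: iomapbase = limit = sizeof(TSS32), a zero-length bitmap. */
int after_fix(uint16_t port)
{
    build_sample_tss();
    return io_access_allowed(sample_tss, TSS32_SIZE, TSS32_SIZE, port, 1);
}

int main(void)
{
    printf("port 0x60: before=%d after=%d\n", before_fix(0x60), after_fix(0x60));
    return 0;
}
```

In the "before" case, which ports are reachable depends entirely on whatever values the kernel stack pointer, segment selectors and saved registers happen to hold in the TSS.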
0 comments on commit f598bbb