From: Terry Lambert
Date: Wed, 29 May 2002 13:18:20 -0700
To: Archie Cobbs
Cc: Jake Burkholder, freebsd-arch@FreeBSD.ORG
Subject: Re: Kernel stack overflow detection?
Message-ID: <3CF5378C.52C15200@mindspring.com>
References: <200205291920.g4TJKkE92786@arch20m.dellroad.org>

Archie Cobbs wrote:
> + * Map the 1st and the 3rd UPAGES pages as writable and the 2nd
> + * page as read-only to detect kernel stack overflows.
> + *
> + * Because of the way fillkptphys() works we have to do this in
> + * three stages: 1st page RW, 2nd page RO, and pages 3-N RW.
> + */

IMO, the 2nd page should be unmapped, not mapped R/O.

With it mapped R/O, you won't detect reads of auto variables in a
terminal function which are not used for a given code path, but
might be used for a different code path. You might be able to
100% trust the compiler for "might be used before initialized".

Also, while it's not a problem for most people, mapping it R/O
on the 386 won't actually do anything when it comes to writing
it from kernel space (no fault will be generated because the 386
lacks this capability, even if it lets you map that way).

Unmapping it will ensure a fault, even on the 386.

-- Terry
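
Review bot: the first sentence of the quoted comment says only "the 1st and the 3rd UPAGES pages" are mapped writable, but its last line describes "pages 3-N RW", so the two halves disagree about how many pages follow the read-only one. Suggest wording the first sentence to match the staging description (1st page and pages 3-N writable, 2nd page read-only) and stating explicitly that the 2nd page is the guard page, so a reader does not have to infer it from the three-stage list.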