
Re: Null pointer checking in the kernel --help needed.



The OS toolkit from UIUC (their ACM student SIGOPS club) has
found the solution.  In the page tables (which are enabled in
protected-mode, they just map straight-thru), they mark
page 0 as not-present.  Walk the page directory entry 0 to the
first page table.  On that, set entry 0 to all zeros (a
32-bit entry).  Doing so marks the first 4K of addresses as
not present.  Deref-ing a NULL pointer will quickly generate
a page fault (since the page table sez "can't go there").  It
will be caught by the CPU whether you're reading, writing, or
executing code in the first 4K.

	pte_t *pagedir   = (pte_t *) get_cr3();              /* straight-thru mapped, so the phys addr works as a pointer */
	pte_t *pagetable = (pte_t *)(pagedir[0] & 0xFFFFF000); /* PDE 0 -> first page table, flag bits masked off */
	pte_t  saved_pte0 = pagetable[0];                     /* keep it, to put back before ROM BIOS calls */
	pagetable[0] = 0;	/* Zap addrs 0x0000 .. 0x0FFF: P bit clear => not present */

This will map out the lower 4K from being accessed.  The ROM
BIOS data segment hides in there.  So, if you call any ROM BIOS
services (like using int86() to call real-mode stuff), you
should see if the page tables are used.  If so, then restore
the page 0 mapping back to its original value.

Please do not change the selector values.  That way leads surely
to a dark insanity..........     ;)


On Thu, 30 May 2002, James Mittler wrote:
> Hi all,
> 
> I would like to enable a null pointer check within an oskit derived kernel 
> and I think I have gotten lost in the weeds. I am not using paging, so I 
> have been trying to do this in an atypical fashion.
> 
> My first attempt was to use the debugging breakpoints and fire if something 
> read or wrote to 0x00, but this didn't work as well as expected. Since it 
> only protects memory location 0x0, any of my faulty structure accesses were 
> not caught (0 + variable offset was fair game).
> 
> Thinking that segmentation might be an alternative, I have been trying to 
> update the kernel DS selector to a base of something like 4096, but I have 
> been unable to get this to work. I have tried the following...
> 
> calling "fill_descriptor_base" with my new base & reinit the gdt -- is there 
> a safe place to do this?
> 
> changing linear_base_va on the fly at various points of initialization.
> 
> In each case Bochs reports a triple fault or a "TSS Selector points to bad 
> TSS".
> 
> Any help is much appreciated,
> 
> Jim

---------------------------------------------------------------------
brian witt    Railroads, computers, sailboats, etc.   bwitt@value.net
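The page-table zap described in the reply above, worked through as an added example (not code from the OSKit or from either poster): a constructed two-level x86 page table in user space, the PDE-0 walk that clears PTE 0, the save/restore needed around ROM BIOS calls, and an emulated address walk showing that 0x0, 0xFFF and the "0 + struct offset" case from the original question all fault while 0x1000 still translates. `physmem`, `phys_to_virt`, `unmap_page0`, `restore_page0` and `translate` are names assumed for this example.

```c
#include <stdint.h>
#include <stdbool.h>

#define ENTRIES      1024u
#define PTE_PRESENT  0x001u        /* bit 0: page present */
#define PTE_WRITE    0x002u
#define PTE_FRAME    0xFFFFF000u   /* same mask as pagedir[0] & 0xFFFFF000 above */
typedef uint32_t pte_t;

/* Constructed "physical memory": two 4K frames, page directory at phys 0x0000
 * and the first page table at phys 0x1000.  Stands in for what CR3 points at. */
static pte_t physmem[2 * ENTRIES];
static pte_t *phys_to_virt(uint32_t pa) { return (pte_t *)((uint8_t *)physmem + pa); }

/* Identity-map the first 4 MB, the way the straight-through OSKit tables do.
 * physmem is static, so every other directory entry is already 0 (not present). */
pte_t *build_identity_map(void) {
    pte_t *pagedir = phys_to_virt(0x0000);
    pte_t *pagetable = phys_to_virt(0x1000);
    for (uint32_t i = 0; i < ENTRIES; i++)
        pagetable[i] = (i << 12) | PTE_PRESENT | PTE_WRITE;
    pagedir[0] = 0x1000 | PTE_PRESENT | PTE_WRITE;
    return pagedir;
}

/* Walk PDE 0 to the first page table and clear PTE 0, so 0x0000..0x0FFF is
 * not present.  Returns the old entry so it can be put back around BIOS calls. */
pte_t unmap_page0(pte_t *pagedir) {
    pte_t *pagetable = phys_to_virt(pagedir[0] & PTE_FRAME);
    pte_t saved = pagetable[0];
    pagetable[0] = 0;
    return saved;
}

void restore_page0(pte_t *pagedir, pte_t saved) {
    pte_t *pagetable = phys_to_virt(pagedir[0] & PTE_FRAME);
    pagetable[0] = saved;
}

/* Emulate the CPU's two-level walk for one virtual address.
 * Returns false exactly where real hardware would raise a page fault. */
bool translate(const pte_t *pagedir, uint32_t va, uint32_t *pa) {
    pte_t pde = pagedir[va >> 22];
    if (!(pde & PTE_PRESENT)) return false;
    pte_t pte = phys_to_virt(pde & PTE_FRAME)[(va >> 12) & 0x3FF];
    if (!(pte & PTE_PRESENT)) return false;
    *pa = (pte & PTE_FRAME) | (va & 0xFFF);
    return true;
}
```

On real hardware the only differences are that `pagedir` comes from `get_cr3()` and that clearing a live entry needs a TLB flush (reloading CR3) before the fault is guaranteed; the emulation has no TLB.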
