From d518e99002bac7c0ea5711323b59b784f75638f2 Mon Sep 17 00:00:00 2001
From: Phillip Tennen
Date: Wed, 7 Feb 2024 14:31:51 +0000
Subject: [PATCH] [Kernel] Only copy a pointer to the IDT table to avoid OOB write
---
 docs/todo.md | 8 ++++++++
 kernel/kernel/smp.c | 5 ++++-
 2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/docs/todo.md b/docs/todo.md
index 3aef1fda..4db9808d 100644
--- a/docs/todo.md
+++ b/docs/todo.md
@@ -312,3 +312,11 @@ Read a config/max_cpus.txt to decide when to stop booting APs
 Read a config/resolution.txt to decide the resolution selected by the bootloader Auto install LLD link? Or llvm with brew? Need lld-link for the UEFI build
+
+// TODO(PT): It'd be nice to have some kind of font API that allowed anyone to retrieve a reference to a
+// font from any point, instead of needing to pass references all the way through the control flow.
+// Maybe there's an in-process font store that caches scanlines, etc, and fetches fonts from the FS.
+// The 'fetch from FS' has a platform-specific implementation. To facilitate this (as the paths will be
+// different on each OS), we could have an enum to model the possible font options, with an escape hatch
+// 'get from this path' variant, which could perhaps hold different values depending on the OS.
+
diff --git a/kernel/kernel/smp.c b/kernel/kernel/smp.c
index 4938266c..927aa57e 100644
--- a/kernel/kernel/smp.c
+++ b/kernel/kernel/smp.c
@@ -56,8 +56,11 @@ void smp_init(void) {
 // Copy the IDT pointer
 idt_pointer_t* current_idt = kernel_idt_pointer();
+ // Crash because current_idt->table_size == 0xfff, and copying to 0x9400 causes it to write outside the AP bootstrap data page
+ printf("Current IDT %p size %p dest %p\n", current_idt, current_idt->table_size, AP_BOOTSTRAP_PARAM_IDT);
 // It's fine to copy the high-memory IDT as the bootstrap will enable paging before loading it
- memcpy((void*)PMA_TO_VMA(AP_BOOTSTRAP_PARAM_IDT), current_idt, sizeof(idt_pointer_t) + current_idt->table_size);
+ //memcpy((void*)PMA_TO_VMA(AP_BOOTSTRAP_PARAM_IDT), current_idt, sizeof(idt_pointer_t) + current_idt->table_size);
+ memcpy((void*)PMA_TO_VMA(AP_BOOTSTRAP_PARAM_IDT), current_idt, sizeof(idt_pointer_t*));
 // Copy the C entry point
 uintptr_t ap_c_entry_point_addr = (uintptr_t)&ap_c_entry;
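Review bot: The new memcpy copies `sizeof(idt_pointer_t*)` bytes, which is the size of a pointer rather than of the descriptor that `current_idt` points to, so if `idt_pointer_t` is the usual packed limit-plus-base pair (the `table_size` field read on the printf line suggests it is) the copy truncates the base address and the AP would load a corrupt IDT descriptor. The change that matches the commit title is `memcpy((void*)PMA_TO_VMA(AP_BOOTSTRAP_PARAM_IDT), current_idt, sizeof(idt_pointer_t));`, copying the whole descriptor but not the table body, which per the preceding comment is reachable once the bootstrap enables paging. The debug `printf` passes the integer `current_idt->table_size` to `%p`, a format/argument mismatch, and both it and the commented-out memcpy should be removed rather than merged; the explanation of the crash is worth keeping as a comment such as `// Copy only the descriptor: copying the table body (table_size bytes) overran the AP bootstrap data page`. If the bootstrap parameter area reserves a fixed slot for the descriptor, a `_Static_assert` on `sizeof(idt_pointer_t)` against that slot size would make the bound explicit. smp_init continues outside the hunk.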