From 2664afbd7d72f4c319ce687b073a50520128e586 Mon Sep 17 00:00:00 2001
From: Christian Prochaska <christian.prochaska@genode-labs.com>
Date: Thu, 21 Feb 2013 17:47:15 +0100
Subject: [PATCH] Remove context area from physical RAM allocator

In base-fiasco, base-foc and base-pistachio, physical memory gets mapped
1:1 to core virtual memory. When the 'Ram_session_component' allocates
physical memory for a client, it zeroes out the corresponding area in
core's virtual address space and then maps the area to the client. If this
area overlaps with core's virtual thread context area (usually at
0x40000000-0x4fffffff), the stack of one or more core threads can get
overwritten.

To avoid this problem, with this patch, the thread context area gets
removed from the physical RAM allocator on these platforms.

Fixes #660.
---
 base-fiasco/src/core/platform.cc            | 15 +++++++++++++--
 base-foc/src/core/platform.cc               | 15 +++++++++++++--
 base-pistachio/src/core/include/map_local.h | 12 ++++++++++--
 base-pistachio/src/core/platform.cc         | 18 ++++++++++++++++--
 4 files changed, 52 insertions(+), 8 deletions(-)

diff --git a/base-fiasco/src/core/platform.cc b/base-fiasco/src/core/platform.cc
index 9a83f09a2..a5a3cbdb9 100644
--- a/base-fiasco/src/core/platform.cc
+++ b/base-fiasco/src/core/platform.cc
@@ -187,6 +187,14 @@ struct Region
 
 	Region() : start(0), end(0) { }
 	Region(addr_t s, addr_t e) : start(s), end(e) { }
+
+	/**
+	 * Returns true if the specified range intersects with the region
+	 */
+	bool intersects(addr_t base, size_t size) const
+	{
+		return (((base + size) > start) && (base < end));
+	}
 };
 
 
@@ -296,8 +304,11 @@ void Platform::_setup_mem_alloc()
 				}
 
 				region.start = addr; region.end = addr + size;
-				add_region(region, _ram_alloc);
-				add_region(region, _core_address_ranges());
+				if (!region.intersects(Native_config::context_area_virtual_base(),
+				                       Native_config::context_area_virtual_size())) {
+					add_region(region, _ram_alloc);
+					add_region(region, _core_address_ranges());
+				}
 				remove_region(region, _io_mem_alloc);
 				remove_region(region, _region_alloc);
 			}
diff --git a/base-foc/src/core/platform.cc b/base-foc/src/core/platform.cc
index 93f1a648b..8c73276b6 100644
--- a/base-foc/src/core/platform.cc
+++ b/base-foc/src/core/platform.cc
@@ -171,6 +171,14 @@ struct Region
 
 	Region() : start(0), end(0) { }
 	Region(addr_t s, addr_t e) : start(s), end(e) { }
+
+	/**
+	 * Returns true if the specified range intersects with the region
+	 */
+	bool intersects(addr_t base, size_t size) const
+	{
+		return (((base + size) > start) && (base < end));
+	}
 };
 
 
@@ -308,8 +316,11 @@ void Platform::_setup_mem_alloc()
 				}
 
 				region.start = addr; region.end = addr + size;
-				add_region(region, _ram_alloc);
-				add_region(region, _core_address_ranges());
+				if (!region.intersects(Native_config::context_area_virtual_base(),
+				                       Native_config::context_area_virtual_size())) {
+					add_region(region, _ram_alloc);
+					add_region(region, _core_address_ranges());
+				}
 				remove_region(region, _io_mem_alloc);
 				remove_region(region, _region_alloc);
 			}
diff --git a/base-pistachio/src/core/include/map_local.h b/base-pistachio/src/core/include/map_local.h
index 953932979..e0a1be03c 100644
--- a/base-pistachio/src/core/include/map_local.h
+++ b/base-pistachio/src/core/include/map_local.h
@@ -20,6 +20,7 @@
 
 /* Pistachio includes */
 namespace Pistachio {
+#include <l4/space.h>
 #include <l4/types.h>
 #include <l4/ipc.h>
 #include <l4/kdebug.h>
@@ -40,7 +41,7 @@ namespace Genode {
 	 */
 	inline static bool map_local(addr_t from_addr, addr_t to_addr, size_t num_pages)
 	{
-	
+
 		Native_thread_id core_pager = platform_specific()->core_pager()->native_thread_id();
 
 		addr_t offset = 0;
@@ -85,7 +86,14 @@ namespace Genode {
 	 */
 	inline void unmap_local(addr_t virt, size_t num_pages)
 	{
-		PERR("unmap_local() called - not implemented yet");
+		size_t page_size = get_page_size();
+		addr_t offset = 0;
+		for (unsigned i = 0; i < num_pages; i++, offset += page_size) {
+			using namespace Pistachio;
+			L4_Fpage_t fpage = L4_Fpage(virt + offset, page_size);
+			fpage += L4_FullyAccessible;
+			L4_Flush(fpage);
+		}
 	}
 }
 
diff --git a/base-pistachio/src/core/platform.cc b/base-pistachio/src/core/platform.cc
index 4a7fa3ba1..96a05a76f 100644
--- a/base-pistachio/src/core/platform.cc
+++ b/base-pistachio/src/core/platform.cc
@@ -21,6 +21,7 @@
 
 /* core includes */
 #include <core_parent.h>
+#include <map_local.h>
 #include <platform.h>
 #include <platform_thread.h>
 #include <platform_pd.h>
@@ -247,6 +248,14 @@ struct Region
 
 	Region() : start(0), end(0) { }
 	Region(addr_t s, addr_t e) : start(s), end(e) { }
+
+	/**
+	 * Returns true if the specified range intersects with the region
+	 */
+	bool intersects(addr_t base, size_t size) const
+	{
+		return (((base + size) > start) && (base < end));
+	}
 };
 
 
@@ -396,8 +405,13 @@ void Platform::_setup_mem_alloc()
 
 				} else {
 					region.start = addr; region.end = addr + size;
-					add_region(region, _ram_alloc);
-					add_region(region, _core_address_ranges());
+					if (!region.intersects(Native_config::context_area_virtual_base(),
+					                       Native_config::context_area_virtual_size())) {
+						add_region(region, _ram_alloc);
+						add_region(region, _core_address_ranges());
+					} else {
+						unmap_local(region.start, size >> get_page_size_log2());
+					}
 					remove_region(region, _io_mem_alloc);
 					remove_region(region, _region_alloc);
 				}