authorIan Moffett <ian@osmora.org>2025-07-21 01:22:48 -0400
committerIan Moffett <ian@osmora.org>2025-07-21 01:22:48 -0400
commit15fa59f6ffa55a0ec8f8f6b8fb3ba46c67fb3030 (patch)
tree00fbe58e9c39f70bbeac04e92d2e1d64f19d6bf2
parentbe4b710d36bfa16e41c833ee22eaadad85e9946a (diff)
kernel: subr: Check uaddr against mmap ledger
When validating memory addresses coming from userspace, we currently only check if it is within range of the program stack or data. However, data may also be allocated in the heap which involves addresses stored in the memory map ledger. In order for user programs to be able to pass references to that kind of memory to syscalls, we must be able to check the addresses against ledger entries as well. Signed-off-by: Ian Moffett <ian@osmora.org>
-rw-r--r--sys/kern/kern_subr.c21
1 files changed, 21 insertions, 0 deletions
diff --git a/sys/kern/kern_subr.c b/sys/kern/kern_subr.c
index f437ec7..8a08f33 100644
--- a/sys/kern/kern_subr.c
+++ b/sys/kern/kern_subr.c
@@ -29,9 +29,12 @@
#include <sys/proc.h>
#include <sys/types.h>
+#include <sys/param.h>
#include <sys/errno.h>
+#include <sys/mman.h>
#include <sys/exec.h>
#include <sys/systm.h>
+#include <vm/vm.h>
#include <string.h>
/*
@@ -45,6 +48,8 @@ static bool
check_uaddr(const void *uaddr)
{
vaddr_t stack_start, stack_end;
+ struct mmap_lgdr *lp;
+ struct mmap_entry find, *res;
struct exec_prog exec;
struct proc *td;
uintptr_t addr;
@@ -61,6 +66,22 @@ check_uaddr(const void *uaddr)
if (addr >= stack_start && addr <= stack_end)
return true;
+ /* Try to grab the mmap ledger */
+ if ((lp = td->mlgdr) == NULL) {
+ return false;
+ }
+
+ /*
+ * Now give an attempt at looking through the
+ * mmap ledger. Perhaps this memory was allocated
+ * in the user heap?
+ */
+ find.va_start = ALIGN_DOWN(addr, DEFAULT_PAGESIZE);
+ res = RBT_FIND(lgdr_entries, &lp->hd, &find);
+ if (res != NULL) {
+ return true;
+ }
+
return false;
}
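Review bot: The new ledger lookup accepts any node whose `va_start` equals the page-aligned address as proof that `addr` is valid, but it never consults the extent or protection of the entry returned in `res`. If the `lgdr_entries` comparator matches on exact `va_start` (it is not visible here), addresses beyond the first page of a multi-page mapping will be rejected; either way check_uaddr validates a single byte, so a copy that runs past the end of the mapping is not covered. I would bound the hit by the entry's length (whichever field `struct mmap_entry` keeps for it) and add a comment above the lookup such as `/* Validates only the byte at uaddr; callers must bound uaddr + len themselves */`. `find` also reaches the comparator with only `va_start` set, so declaring it as `struct mmap_entry find = {0}, *res;` would avoid reading indeterminate fields if the comparator ever looks at more than the start. The ledger is walked without a visible lock and the function begins outside this hunk, so it is worth confirming that a concurrent unmap cannot invalidate the result between this check and the copy that relies on it.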