Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-28 01:55:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

[NTOS:KE] In KiExitV86Mode, restore KTSS::Esp0 to its standard value. CORE-16531

Browse source 
The trap frame is in a random location on the stack, and setting Esp0 there
wastes significant amounts of space and may lead to unexpected stack overflows.

Also use a more descriptive expression for the V86 members of the KTRAP_FRAME.
This commit is contained in:
Thomas Faber 2019-12-01 20:36:13 +01:00
parent 5b83d86af5
commit 07de9d1da3
No known key found for this signature in database
GPG key ID: 076E7C3D44720826
3 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ntoskrnl/ke/i386/exp.c
View file

@ -291,8 +291,8 @@ Ki386AdjustEsp0(IN PKTRAP_FRAME TrapFrame)
if (!(TrapFrame->EFlags & EFLAGS_V86_MASK)) if (!(TrapFrame->EFlags & EFLAGS_V86_MASK))
{ {
/* Bias the stack for the V86 segments */ /* Bias the stack for the V86 segments */
Stack -= (FIELD_OFFSET(KTRAP_FRAME, V86Gs) - Stack -= sizeof(KTRAP_FRAME) -
FIELD_OFFSET(KTRAP_FRAME, HardwareSegSs)); FIELD_OFFSET(KTRAP_FRAME, V86Es);
} }
/* Bias the stack for the FPU area */ /* Bias the stack for the FPU area */

2
ntoskrnl/ke/i386/thrdini.c
View file

@ -369,7 +369,7 @@ KiSwapContextExit(IN PKTHREAD OldThread,
Pcr->TSS->Esp0 = (ULONG_PTR)NewThread->InitialStack; Pcr->TSS->Esp0 = (ULONG_PTR)NewThread->InitialStack;
if (!((KeGetTrapFrame(NewThread))->EFlags & EFLAGS_V86_MASK)) if (!((KeGetTrapFrame(NewThread))->EFlags & EFLAGS_V86_MASK))
{ {
Pcr->TSS->Esp0 -= (FIELD_OFFSET(KTRAP_FRAME, V86Gs) - FIELD_OFFSET(KTRAP_FRAME, HardwareSegSs)); Pcr->TSS->Esp0 -= sizeof(KTRAP_FRAME) - FIELD_OFFSET(KTRAP_FRAME, V86Es);
} }
Pcr->TSS->Esp0 -= NPX_FRAME_LENGTH; Pcr->TSS->Esp0 -= NPX_FRAME_LENGTH;
Pcr->TSS->IoMapBase = NewProcess->IopmOffset; Pcr->TSS->IoMapBase = NewProcess->IopmOffset;

7
ntoskrnl/ke/i386/v86vdm.c
View file

@ -467,17 +467,16 @@ ULONG_PTR
FASTCALL FASTCALL
KiExitV86Mode(IN PKTRAP_FRAME TrapFrame) KiExitV86Mode(IN PKTRAP_FRAME TrapFrame)
{ {
PKPCR Pcr = KeGetPcr();
ULONG_PTR StackFrameUnaligned; ULONG_PTR StackFrameUnaligned;
PKV8086_STACK_FRAME StackFrame; PKV8086_STACK_FRAME StackFrame;
PKTHREAD Thread; PKTHREAD Thread;
PKTRAP_FRAME PmTrapFrame;
PKV86_FRAME V86Frame; PKV86_FRAME V86Frame;
PFX_SAVE_AREA NpxFrame; PFX_SAVE_AREA NpxFrame;
/* Get the stack frame back */ /* Get the stack frame back */
StackFrameUnaligned = TrapFrame->Esi; StackFrameUnaligned = TrapFrame->Esi;
StackFrame = (PKV8086_STACK_FRAME)(ROUND_UP(StackFrameUnaligned - 4, 16) + 4); StackFrame = (PKV8086_STACK_FRAME)(ROUND_UP(StackFrameUnaligned - 4, 16) + 4);
PmTrapFrame = &StackFrame->TrapFrame;
V86Frame = &StackFrame->V86Frame; V86Frame = &StackFrame->V86Frame;
NpxFrame = &StackFrame->NpxArea; NpxFrame = &StackFrame->NpxArea;
ASSERT((ULONG_PTR)NpxFrame % 16 == 0); ASSERT((ULONG_PTR)NpxFrame % 16 == 0);
@ -490,7 +489,9 @@ KiExitV86Mode(IN PKTRAP_FRAME TrapFrame)
Thread->InitialStack = (PVOID)((ULONG_PTR)V86Frame->ThreadStack + sizeof(FX_SAVE_AREA)); Thread->InitialStack = (PVOID)((ULONG_PTR)V86Frame->ThreadStack + sizeof(FX_SAVE_AREA));
/* Set ESP0 back in the KTSS */ /* Set ESP0 back in the KTSS */
KeGetPcr()->TSS->Esp0 = (ULONG_PTR)&PmTrapFrame->V86Es; Pcr->TSS->Esp0 = (ULONG_PTR)Thread->InitialStack;
Pcr->TSS->Esp0 -= sizeof(KTRAP_FRAME) - FIELD_OFFSET(KTRAP_FRAME, V86Es);
Pcr->TSS->Esp0 -= NPX_FRAME_LENGTH;
/* Restore TEB addresses */ /* Restore TEB addresses */
Thread->Teb = V86Frame->ThreadTeb; Thread->Teb = V86Frame->ThreadTeb;