This patch addresses a use-after-free (UAF) vulnerability in the
sys_mount. The issue occurred due to improper handling of memory
deallocation, which could lead to crashes or undefined behavior on user
request of mounting.
Changes made:
- Moved the `rt_free(copy_source)` function call to occur after the necessary
operations are completed, preventing premature deallocation of memory.
Signed-off-by: Shell <smokewood@qq.com>
This patch optimizes the user-space context handling in the ARM64
architecture, specifically improving how the context is saved and
restored during system calls and interrupts. The changes make the
code more efficient and easier to maintain, while ensuring proper
preservation of user context during system transitions.
Changes:
- Introduced a parameter for context saving to improve flexibility.
- Replaced hardcoded stack pointer operations with frame-relative
references for better readability and code reuse.
- Simplified context restoration, removing redundant operations like
loading/storing floating-point registers.
Signed-off-by: Shell <smokewood@qq.com>
The ref_count of the vnode is NOT bound to the resource reference counts
of the ptm device created by opening `dev/ptmx`, so the conditional
release of resource may end up by memory leaking if the multiple user
have open the `dev/ptmx`.
Changes:
- Removed conditional branch on recycling resource
Signed-off-by: Shell <smokewood@qq.com>
The `LWP_CONSOLE_INPUT_BUFFER_SIZE` is a legacy config option for TTY
driver used in smart. Since the driver is updated, there's no dependency
of this option any more.
Changes:
- Removed unused Kconfig option `LWP_CONSOLE_INPUT_BUFFER_SIZE`
Signed-off-by: Shell <smokewood@qq.com>
This patch addresses the potential issue of uninitialized elements in
the argument vector returned by `lwp_get_command_line_args()`. The
previous implementation could leave `argv` in an inconsistent state
if certain errors occurred, leading to possible undefined behavior.
Changes:
- Replaced `rt_malloc()` with `rt_calloc()` to ensure `argv` is properly initialized.
- Added a consistent error handling path using `goto error_exit` to handle memory allocation failures and string copy errors.
- Ensured `lwp_free_command_line_args()` is called before returning on error, preventing potential memory leaks.
Signed-off-by: Shell <smokewood@qq.com>
This patch focuses on the ARM64 general context handling code.
The modifications are aimed at enhancing performance by simplifying
context save/restore operations.
Changes include:
- Adjusted stack alignment in `arch_set_thread_context` function.
- Updated `lwp_gcc.S` to reset frame pointer and link register.
- Refined `rt_hw_backtrace_frame_unwind` to handle user space address checks.
- Added `GET_THREAD_SELF` macro in `asm-generic.h`.
- Simplified context saving/restoring in `context_gcc.h` and related files.
- Optimized `rt_hw_context_switch_interrupt` and related assembly routines.
Signed-off-by: Shell <smokewood@qq.com>
Do unmap before shrink so we don't see mapped entry on page table
insertion, which is not acceptable for riscv implementation of
architecture porting.
Changes:
- add un-mapping of pte on `_null_shrink()`
Signed-off-by: Shell <smokewood@qq.com>
* [libcpu] support for ARCH_REMAP_KERNEL
These changes introduce support for the ARCH_REMAP_KERNEL configuration,
which isolates kernel space in high virtual address regions. This feature
is necessary to enhance memory protection and management by segregating
user and kernel spaces more effectively.
Changes:
- Updated conditional macros to check for ARCH_REMAP_KERNEL instead of
ARCH_KERNEL_IN_HIGH_VA in board initialization files to reflect the new
configuration option.
- Modified qemu-virt64-riscv Kconfig and SConstruct files to include and
utilize ARCH_REMAP_KERNEL.
- Created a new linker script `link_smart.lds` for smart linking in qemu-virt64-riscv.
- Updated rtconfig.py to use a more flexible execution path setup.
- Enhanced user address space definitions in `lwp_arch.h` to support the
new virtual address mappings.
- Adjusted kernel memory initialization and mapping logic in `c906/mmu.c`
and `virt64/mmu.c` to account for high virtual address regions.
- Added Kconfig option to enable ARCH_REMAP_KERNEL for RISCV64 architectures.
- Enhanced memory setup functions to support new mapping scheme, including
updates to early page table setup and address relocation logic.
These modifications ensure that the system can utilize high memory
addresses for the kernel, improving memory isolation and system stability.
Signed-off-by: Shell <smokewood@qq.com>
* fixup: CI run failed
* bsp: default config without using smart
* fixup: static checks
* restore rt_hw_mmu_kernel_map_init for D1
---------
Signed-off-by: Shell <smokewood@qq.com>
* [smart] add CPU usage tracing config
This patch introduces following features:
- Added CPU usage tracing functionality, enabled by default, for
applications like 'top'
- update time as smart independent
Signed-off-by: Shell <smokewood@qq.com>
* fixup: add ump idle thread
---------
Signed-off-by: Shell <smokewood@qq.com>
This patch fixup the script execution capabilities on argv passing
and adds support for arguments larger than 4k.
According to POSIX, the script parameter is quiet different
from the current implementation. Especially on the way it inserts
the path of executables. At the end, when you execute a script
from `$PATH`, it always fails.
For the script, interpreter will be invoked with the following
arguments: `{interpreter [optional-arg] pathname arg...}`
where pathname is the pathname of the file specified as the first
argument of execve(), and arg... is the series of words pointed
to by the argv argument of execve(), starting at argv[1]. Note that
there is no way to get the argv[0] that was passed to the
execve() call.
The changes include:
- Separating argument, environment variable, and auxiliary vector
processing into a new lwp_args.c file.
- Fixing bugs in script argument processing and supporting arguments
larger than 4k.
- Updating lwp_execve to use the new argscopy function and removing
the old lwp_argscopy function.
- Making various modifications to lwp_load and elf_aux_fill to work
with the new argument processing.
- Removing unnecessary code related to dynamic loading and interpreter
scripts.
Signed-off-by: Shell <smokewood@qq.com>
Correct `sched_setaffinity()` to use the thread IDs (TIDs) instead of
process IDs (PIDs). The previous implementation used PIDs, which
caused issues since affinity settings need to be applied at the
thread level.
As the manual documented, the signature is:
> int sched_setaffinity(pid_t pid, size_t cpusetsize,
> const cpu_set_t *mask);
Yes, it's tricky, the identification passing in is called **'PID'**.
But when we talk about 'pid' from GNU libc, it's the **'task-id'**,
aka, `thread->tid` known in kernel.
Changes were made by updating the function signatures and logic in
`lwp.h`, `lwp_pid.c`, and `lwp_syscall.c` to accept TIDs. Specifically,
the `lwp_setaffinity` function and related internal functions now
operate using thread IDs and adjust thread affinity settings accordingly
Signed-off-by: Shell <smokewood@qq.com>
In this patch, a hook list has been introduced to address the concerns
regarding coupling issues arising from modifications to the serial code
for integrating TTY logic.
Signed-off-by: Shell <smokewood@qq.com>