diff options
| author | Philip Guenther <guenther@cvs.openbsd.org> | 2017-10-13 05:14:03 +0000 |
|---|---|---|
| committer | Philip Guenther <guenther@cvs.openbsd.org> | 2017-10-13 05:14:03 +0000 |
| commit | 7d5eac398d70e5a1f261640406f3763fcd387a7b (patch) | |
| tree | cf3c227c8005fd29ab00ed830a3031411af8aaaf /sys/arch | |
| parent | b188f5be58bd1b386f79e539ddbb55310bff2e19 (diff) | |
I was one bit off in the "is canonical" test for FS.base (TCB pointer) values,
so it was still possible to fault the kernel.
Problem observed by Maxime Villard
ok deraadt@ bluhm@
Diffstat (limited to 'sys/arch')
| -rw-r--r-- | sys/arch/amd64/include/tcb.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/arch/amd64/include/tcb.h b/sys/arch/amd64/include/tcb.h index 03f65706292..8c5ba966791 100644 --- a/sys/arch/amd64/include/tcb.h +++ b/sys/arch/amd64/include/tcb.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tcb.h,v 1.5 2017/09/27 05:43:55 guenther Exp $ */ +/* $OpenBSD: tcb.h,v 1.6 2017/10/13 05:14:02 guenther Exp $ */ /* * Copyright (c) 2011 Philip Guenther <guenther@openbsd.org> @@ -28,7 +28,7 @@ void tcb_set(struct proc *_p, void *_newtcb); #define TCB_SET(p, addr) tcb_set(p, addr) /* address must be in canonical form; requiring lower-half is okay */ -#define TCB_INVALID(addr) ((u_long)(addr) > 0x0000ffffffffffff) +#define TCB_INVALID(addr) ((u_long)(addr) > 0x00007fffffffffff) #else /* _KERNEL */ |