:: commit 9676a3d09c680eea2d9c384858c0bf8d9728482b

mintsuki <mintsuki@protonmail.com> — 2021-05-19 06:29

parents: eb51e5a14a

stivale: Load up invalid IDT before jumping to kernel instead of leaking internal one

diff --git a/stage23/protos/stivale.32.c b/stage23/protos/stivale.32.c
index 346cad0d..f6a919f6 100644
--- a/stage23/protos/stivale.32.c
+++ b/stage23/protos/stivale.32.c
@@ -14,6 +14,15 @@ __attribute__((noreturn)) void stivale_spinup_32(
         (uint64_t)stack_lo | ((uint64_t)stack_hi << 32)
     };
 
+    // Load invalid IDT
+    uint64_t invalid_idt[2] = {0, 0};
+    asm volatile (
+        "lidt %0"
+        :
+        : "m" (invalid_idt)
+        : "memory"
+    );
+
     if (bits == 64) {
         if (level5pg) {
             // Enable CR4.LA57
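Review bot: The `// Load invalid IDT` comment on the added lines should state the contract the zero descriptor enforces: with limit 0, every interrupt or exception between this lidt and the kernel's own lidt faults and triple-faults the machine, which is only safe if IF is already clear. The hunk shows no cli, so interrupts being disabled here has to be a precondition of stivale_spinup_32 (which begins above the hunk and continues below it); spell it out rather than rely on the caller. Suggested replacement: `// Zero-limit IDT: any interrupt/exception from here until the kernel installs its own IDT triple-faults; interrupts must already be off.` lidt copies the 6-byte image into IDTR, so the stack-local array going out of scope later is harmless, but it would help to note that the 16-byte array is deliberately oversized.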
diff --git a/stage23/sys/smp_trampoline.real b/stage23/sys/smp_trampoline.real
index 807b32e3..482dd684 100644
--- a/stage23/sys/smp_trampoline.real
+++ b/stage23/sys/smp_trampoline.real
@@ -8,6 +8,7 @@ smp_trampoline:
     mov ebx, cs
     shl ebx, 4
 
+    o32 lidt [cs:invalid_idt]
     o32 lgdt [cs:passed_info.gdtr]
 
     lea eax, [ebx + .mode32]
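Review bot: The added `o32 lidt [cs:invalid_idt]` deserves a comment, because a reader of the real-mode entry may mistake it for a missing IVT setup rather than a deliberate zero-limit IDTR. It also means any interrupt from here until the kernel loads its own IDT triple-faults the AP; APs normally arrive with IF clear after INIT-SIPI, but the hunk shows no cli, so that assumption belongs next to the instruction. Suggest `; zero-limit IDT so the AP does not inherit the BSP's internal IDT; any interrupt before the kernel's lidt triple-faults`. smp_trampoline continues past the end of the hunk.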
@@ -157,9 +158,12 @@ parking64:
 
 align 16
 temp_stack:
-    times 1024 db 0
+    times 128 db 0
   .top:
 
+invalid_idt:
+    times 2 dq 0
+
 align 16
 passed_info:
     .booted_flag db 0
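Review bot: The temp_stack cut from 1024 to 128 bytes is an unrelated, unannounced change in an IDT commit, and it is the riskier half of the hunk: temp_stack grows downward from `.top`, so an overflow runs into the parking64 code above it with nothing to catch it. I cannot see from this hunk how deep the trampoline pushes on this stack before handing over to the passed stack; either document the worst case next to the definition, e.g. `; scratch stack for the mode switches only; deepest use is N bytes (see .mode32/.mode64)`, or split the shrink into its own commit. The new `invalid_idt` sits directly after `.top`, which is fine for lidt (it reads only the first 6 or 10 of the 16 zeroed bytes), but a one-line `; zero-limit IDT loaded at smp_trampoline entry` would tie it to the lidt at the top of the file.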