Set the stack index of the double fault IDT entry

Cargo.toml

@@ -7,6 +7,7 @@ authors = ["Philipp Oppermann <dev@phil-opp.com>"]
 crate-type = ["staticlib"]
 
 [dependencies]
+bit_field = "0.7.0"
 rlibc = "1.0"
 volatile = "0.1.0"
 spin = "0.4.5"

README.md

@@ -1,12 +1,14 @@
-# Blog OS (Handling Exceptions)
-[![Build Status](https://travis-ci.org/phil-opp/blog_os.svg?branch=post_9)](https://travis-ci.org/phil-opp/blog_os/branches)
+# Blog OS (Double Faults)
+[![Build Status](https://travis-ci.org/phil-opp/blog_os.svg?branch=post_10)](https://travis-ci.org/phil-opp/blog_os/branches)
 
-This repository contains the source code for the [Handling Exceptions](http://os.phil-opp.com/handling-exceptions.html) post of the [Writing an OS in Rust](http://os.phil-opp.com) series.
+This repository contains the source code for the [Double Faults](http://os.phil-opp.com/double-faults.html) post of the [Writing an OS in Rust](http://os.phil-opp.com) series.
 
 **Check out the [master branch](https://github.com/phil-opp/blog_os) for more information.**
 
 ## Building
-You need to have `nasm`, `grub-mkrescue`, `xorriso`, `qemu`, and a nightly Rust compiler installed. Then you can run it using `make run`.
+You need to have `nasm`, `grub-mkrescue`, `xorriso`, `qemu`, a nightly Rust compiler, and [xargo] installed. Then you can run it using `make run`.
+
+[xargo]: https://github.com/japaric/xargo
 
 Please file an issue if you have any problems.
 

src/interrupts.rs

@@ -1,19 +0,0 @@
-use x86_64::structures::idt::{Idt, ExceptionStackFrame};
-
-lazy_static! {
-    static ref IDT: Idt = {
-        let mut idt = Idt::new();
-        idt.breakpoint.set_handler_fn(breakpoint_handler);
-        idt
-    };
-}
-
-pub fn init() {
-    IDT.load();
-}
-
-extern "x86-interrupt" fn breakpoint_handler(
-    stack_frame: &mut ExceptionStackFrame)
-{
-    println!("EXCEPTION: BREAKPOINT\n{:#?}", stack_frame);
-}

src/interrupts/gdt.rs

@@ -0,0 +1,95 @@
+use x86_64::structures::tss::TaskStateSegment;
+use x86_64::structures::gdt::SegmentSelector;
+use x86_64::PrivilegeLevel;
+
+pub struct Gdt {
+    table: [u64; 8],
+    next_free: usize,
+}
+
+impl Gdt {
+    pub fn new() -> Gdt {
+        Gdt {
+            table: [0; 8],
+            next_free: 1,
+        }
+    }
+
+    pub fn add_entry(&mut self, entry: Descriptor) -> SegmentSelector {
+        let index = match entry {
+            Descriptor::UserSegment(value) => self.push(value),
+            Descriptor::SystemSegment(value_low, value_high) => {
+                let index = self.push(value_low);
+                self.push(value_high);
+                index
+            }
+        };
+        SegmentSelector::new(index as u16, PrivilegeLevel::Ring0)
+    }
+
+    pub fn load(&'static self) {
+        use x86_64::instructions::tables::{DescriptorTablePointer, lgdt};
+        use core::mem::size_of;
+
+        let ptr = DescriptorTablePointer {
+            base: self.table.as_ptr() as u64,
+            limit: (self.table.len() * size_of::<u64>() - 1) as u16,
+        };
+
+        unsafe { lgdt(&ptr) };
+    }
+
+    fn push(&mut self, value: u64) -> usize {
+        if self.next_free < self.table.len() {
+            let index = self.next_free;
+            self.table[index] = value;
+            self.next_free += 1;
+            index
+        } else {
+            panic!("GDT full");
+        }
+    }
+}
+
+pub enum Descriptor {
+    UserSegment(u64),
+    SystemSegment(u64, u64),
+}
+
+impl Descriptor {
+    pub fn kernel_code_segment() -> Descriptor {
+        let flags = USER_SEGMENT | PRESENT | EXECUTABLE | LONG_MODE;
+        Descriptor::UserSegment(flags.bits())
+    }
+
+    pub fn tss_segment(tss: &'static TaskStateSegment) -> Descriptor {
+        use core::mem::size_of;
+        use bit_field::BitField;
+
+        let ptr = tss as *const _ as u64;
+
+        let mut low = PRESENT.bits();
+        // base
+        low.set_bits(16..40, ptr.get_bits(0..24));
+        low.set_bits(56..64, ptr.get_bits(24..32));
+        // limit (the `-1` in needed since the bound is inclusive)
+        low.set_bits(0..16, (size_of::<TaskStateSegment>() - 1) as u64);
+        // type (0b1001 = available 64-bit tss)
+        low.set_bits(40..44, 0b1001);
+
+        let mut high = 0;
+        high.set_bits(0..32, ptr.get_bits(32..64));
+
+        Descriptor::SystemSegment(low, high)
+    }
+}
+
+bitflags! {
+    flags DescriptorFlags: u64 {
+        const CONFORMING        = 1 << 42,
+        const EXECUTABLE        = 1 << 43,
+        const USER_SEGMENT      = 1 << 44,
+        const PRESENT           = 1 << 47,
+        const LONG_MODE         = 1 << 53,
+    }
+}

src/interrupts/mod.rs

@@ -0,0 +1,72 @@
+use x86_64::VirtualAddress;
+use x86_64::structures::idt::{Idt, ExceptionStackFrame};
+use x86_64::structures::tss::TaskStateSegment;
+use memory::MemoryController;
+use spin::Once;
+
+mod gdt;
+
+lazy_static! {
+    static ref IDT: Idt = {
+        let mut idt = Idt::new();
+        idt.breakpoint.set_handler_fn(breakpoint_handler);
+        unsafe {
+            idt.double_fault.set_handler_fn(double_fault_handler)
+                .set_stack_index(DOUBLE_FAULT_IST_INDEX as u16);
+        }
+        idt
+    };
+}
+
+static TSS: Once<TaskStateSegment> = Once::new();
+static GDT: Once<gdt::Gdt> = Once::new();
+
+const DOUBLE_FAULT_IST_INDEX: usize = 0;
+
+pub fn init(memory_controller: &mut MemoryController) {
+    use x86_64::structures::gdt::SegmentSelector;
+    use x86_64::instructions::segmentation::set_cs;
+    use x86_64::instructions::tables::load_tss;
+
+    let double_fault_stack = memory_controller.alloc_stack(1)
+        .expect("could not allocate double fault stack");
+
+    let tss = TSS.call_once(|| {
+        let mut tss = TaskStateSegment::new();
+        tss.interrupt_stack_table[DOUBLE_FAULT_IST_INDEX] = VirtualAddress(
+            double_fault_stack.top());
+        tss
+    });
+
+    let mut code_selector = SegmentSelector(0);
+    let mut tss_selector = SegmentSelector(0);
+    let gdt = GDT.call_once(|| {
+        let mut gdt = gdt::Gdt::new();
+        code_selector = gdt.add_entry(gdt::Descriptor::kernel_code_segment());
+        tss_selector = gdt.add_entry(gdt::Descriptor::tss_segment(&tss));
+        gdt
+    });
+    gdt.load();
+
+     unsafe {
+        // reload code segment register
+        set_cs(code_selector);
+        // load TSS
+        load_tss(tss_selector);
+    }
+
+    IDT.load();
+}
+
+extern "x86-interrupt" fn breakpoint_handler(
+    stack_frame: &mut ExceptionStackFrame)
+{
+    println!("EXCEPTION: BREAKPOINT\n{:#?}", stack_frame);
+}
+
+extern "x86-interrupt" fn double_fault_handler(
+    stack_frame: &mut ExceptionStackFrame, _error_code: u64)
+{
+    println!("\nEXCEPTION: DOUBLE FAULT\n{:#?}", stack_frame);
+    loop {}
+}

src/lib.rs

@@ -24,6 +24,7 @@ extern crate once;
 extern crate linked_list_allocator;
 #[macro_use]
 extern crate lazy_static;
+extern crate bit_field;
 #[macro_use]
 mod vga_buffer;
 mod memory;
@@ -42,14 +43,14 @@ pub extern "C" fn rust_main(multiboot_information_address: usize) {
     enable_write_protect_bit();
 
     // set up guard page and map the heap pages
-    memory::init(boot_info);
+    let mut memory_controller = memory::init(boot_info);
 
     unsafe {
         HEAP_ALLOCATOR.lock().init(HEAP_START, HEAP_START + HEAP_SIZE);
     }
 
     // initialize our IDT
-    interrupts::init();
+    interrupts::init(&mut memory_controller);
 
     for i in 0..10000 {
         format!("Some String");
@@ -58,6 +59,14 @@ pub extern "C" fn rust_main(multiboot_information_address: usize) {
     // invoke a breakpoint exception
     x86_64::instructions::interrupts::int3();
 
+    fn stack_overflow() {
+        stack_overflow(); // for each recursion, the return address is pushed
+    }
+
+    // trigger a stack overflow
+    stack_overflow();
+
+
     println!("It did not crash!");
     loop {}
 }

src/memory/mod.rs

@@ -1,16 +1,17 @@
 pub use self::area_frame_allocator::AreaFrameAllocator;
 pub use self::paging::remap_the_kernel;
+pub use self::stack_allocator::Stack;
 use self::paging::PhysicalAddress;
 use multiboot2::BootInformation;
 
 mod area_frame_allocator;
 pub mod heap_allocator;
 mod paging;
+mod stack_allocator;
 
 pub const PAGE_SIZE: usize = 4096;
 
-
-pub fn init(boot_info: &BootInformation) {
+pub fn init(boot_info: &BootInformation) -> MemoryController {
     assert_has_not_been_called!("memory::init must be called only once");
 
     let memory_map_tag = boot_info.memory_map_tag().expect(
@@ -48,6 +49,20 @@ pub fn init(boot_info: &BootInformation) {
     for page in Page::range_inclusive(heap_start_page, heap_end_page) {
         active_table.map(page, paging::WRITABLE, &mut frame_allocator);
     }
+
+    let stack_allocator = {
+        let stack_alloc_start = heap_end_page + 1;
+        let stack_alloc_end = stack_alloc_start + 100;
+        let stack_alloc_range = Page::range_inclusive(stack_alloc_start,
+                                                      stack_alloc_end);
+        stack_allocator::StackAllocator::new(stack_alloc_range)
+    };
+
+    MemoryController {
+        active_table: active_table,
+        frame_allocator: frame_allocator,
+        stack_allocator: stack_allocator,
+    }
 }
 
 #[derive(Debug, PartialEq, Eq, PartialOrd, Ord)]
@@ -99,3 +114,19 @@ pub trait FrameAllocator {
     fn allocate_frame(&mut self) -> Option<Frame>;
     fn deallocate_frame(&mut self, frame: Frame);
 }
+
+pub struct MemoryController {
+    active_table: paging::ActivePageTable,
+    frame_allocator: AreaFrameAllocator,
+    stack_allocator: stack_allocator::StackAllocator,
+}
+
+impl MemoryController {
+    pub fn alloc_stack(&mut self, size_in_pages: usize) -> Option<Stack> {
+        let &mut MemoryController { ref mut active_table,
+                                    ref mut frame_allocator,
+                                    ref mut stack_allocator } = self;
+        stack_allocator.alloc_stack(active_table, frame_allocator,
+                                    size_in_pages)
+    }
+}

src/memory/paging/mod.rs

@@ -1,6 +1,6 @@
 pub use self::entry::*;
 pub use self::mapper::Mapper;
-use core::ops::{Deref, DerefMut};
+use core::ops::{Deref, DerefMut, Add};
 use core::ptr::Unique;
 use memory::{PAGE_SIZE, Frame, FrameAllocator};
 use multiboot2::BootInformation;
@@ -30,7 +30,7 @@ impl Page {
         Page { number: address / PAGE_SIZE }
     }
 
-    fn start_address(&self) -> usize {
+    pub fn start_address(&self) -> usize {
         self.number * PAGE_SIZE
     }
 
@@ -55,6 +55,16 @@ impl Page {
     }
 }
 
+impl Add<usize> for Page {
+    type Output = Page;
+
+    fn add(self, rhs: usize) -> Page {
+        Page { number: self.number + rhs }
+    }
+}
+
+
+#[derive(Clone)]
 pub struct PageIter {
     start: Page,
     end: Page,

src/memory/stack_allocator.rs

@@ -0,0 +1,79 @@
+use memory::paging::{self, Page, PageIter, ActivePageTable};
+use memory::{PAGE_SIZE, FrameAllocator};
+
+pub struct StackAllocator {
+    range: PageIter,
+}
+
+impl StackAllocator {
+    pub fn new(page_range: PageIter) -> StackAllocator {
+        StackAllocator { range: page_range }
+    }
+}
+
+impl StackAllocator {
+    pub fn alloc_stack<FA: FrameAllocator>(&mut self,
+                                           active_table: &mut ActivePageTable,
+                                           frame_allocator: &mut FA,
+                                           size_in_pages: usize)
+                                           -> Option<Stack> {
+        if size_in_pages == 0 {
+            return None; /* a zero sized stack makes no sense */
+        }
+
+        // clone the range, since we only want to change it on success
+        let mut range = self.range.clone();
+
+        // try to allocate the stack pages and a guard page
+        let guard_page = range.next();
+        let stack_start = range.next();
+        let stack_end = if size_in_pages == 1 {
+            stack_start
+        } else {
+            // choose the (size_in_pages-2)th element, since index
+            // starts at 0 and we already allocated the start page
+            range.nth(size_in_pages - 2)
+        };
+
+        match (guard_page, stack_start, stack_end) {
+            (Some(_), Some(start), Some(end)) => {
+                // success! write back updated range
+                self.range = range;
+
+                // map stack pages to physical frames
+                for page in Page::range_inclusive(start, end) {
+                    active_table.map(page, paging::WRITABLE, frame_allocator);
+                }
+
+                // create a new stack
+                let top_of_stack = end.start_address() + PAGE_SIZE;
+                Some(Stack::new(top_of_stack, start.start_address()))
+            }
+            _ => None, /* not enough pages */
+        }
+    }
+}
+
+#[derive(Debug)]
+pub struct Stack {
+    top: usize,
+    bottom: usize,
+}
+
+impl Stack {
+    fn new(top: usize, bottom: usize) -> Stack {
+        assert!(top > bottom);
+        Stack {
+            top: top,
+            bottom: bottom,
+        }
+    }
+
+    pub fn top(&self) -> usize {
+        self.top
+    }
+
+    pub fn bottom(&self) -> usize {
+        self.bottom
+    }
+}