refactor(mm): 修改异常表安全拷贝的错误处理返回值 (#1395)

fslongjin · web-flow · commit 7100b83424d0 · 2025-11-21T14:26:52.000+08:00
将copy_with_exception_table和memset_with_exception_table的返回值从错误码改为剩余
未操作字节数

Signed-off-by: longjin &lt;longjin@DragonOS.org&gt;
diff --git a/docs/kernel/memory_management/extable_safe_copy_design.md b/docs/kernel/memory_management/extable_safe_copy_design.md
@@ -61,7 +61,7 @@
 │                   │ 4. 修改指令指针(RIP)           │          │
 │                   │         ↓                    │          │
 │                   │ 5. 执行修复代码                │          │
-│                   │    └─ 设置错误码(-1)           │          │
+│                   │    └─ 返回剩余未拷贝字节数      │          │
 │                   │         ↓                    │          │
 │                   │ 6. 返回EFAULT给用户            │          │
 │                   └──────────────────────────────┘          │
@@ -99,7 +99,7 @@
                               │
                              是
                               ↓
-                    修改RIP到修复代码 ──→ 返回错误码
+                    修改RIP到修复代码 ──→ 返回剩余未拷贝字节数
 ```
 
 ## 典型执行场景
@@ -135,7 +135,7 @@
          ↓
     ┌────────────────────────────────┐
     │ 4. 修改指令指针到修复代码          │
-    │    └─ 设置返回值为错误码          │
+    │    └─ 设置返回值为剩余未拷贝字节数  │
     └────────────────────────────────┘
          │
          ↓
@@ -149,7 +149,7 @@
 
 **关键点:**
 - 无需预检查地址有效性
-- 页错误自动转换为错误码
+- 页错误自动转换为返回剩余未拷贝字节数
 - 内核不会panic,用户程序收到明确的错误信息
 
 ## 使用场景分析
diff --git a/kernel/src/arch/x86_64/interrupt/trap.rs b/kernel/src/arch/x86_64/interrupt/trap.rs
@@ -363,7 +363,7 @@ Segment Selector Index: {:#x}\n
 
 /// 处理页错误 14 #PF
 #[no_mangle]
-unsafe extern "C" fn do_page_fault(regs: &'static TrapFrame, error_code: u64) {
+unsafe extern "C" fn do_page_fault(regs: &'static mut TrapFrame, error_code: u64) {
     // error!(
     //     "do_page_fault(14), \tError code: {:#x},\trsp: {:#x},\trip: {:#x},\t CPU: {}, \tpid: {:?}, \nFault Address: {:#x}",
     //     error_code,
diff --git a/kernel/src/arch/x86_64/mm/fault.rs b/kernel/src/arch/x86_64/mm/fault.rs
@@ -66,11 +66,7 @@ impl X86_64MMArch {
         false
     }
 
-    pub fn show_fault_oops(
-        regs: &'static TrapFrame,
-        error_code: X86PfErrorCode,
-        address: VirtAddr,
-    ) {
+    pub fn show_fault_oops(regs: &TrapFrame, error_code: X86PfErrorCode, address: VirtAddr) {
         let mapper =
             unsafe { PageMapper::current(crate::mm::PageTableKind::User, LockedFrameAllocator) };
         if let Some(entry) = mapper.get_entry(address, 0) {
@@ -131,11 +127,7 @@ impl X86_64MMArch {
         );
     }
 
-    pub fn page_fault_oops(
-        regs: &'static TrapFrame,
-        error_code: X86PfErrorCode,
-        address: VirtAddr,
-    ) {
+    pub fn page_fault_oops(regs: &TrapFrame, error_code: X86PfErrorCode, address: VirtAddr) {
         if regs.is_from_user() {
             Self::show_fault_oops(regs, error_code, address);
         }
@@ -149,7 +141,7 @@ impl X86_64MMArch {
     /// - `error_code`: 错误标志
     /// - `address`: 发生缺页异常的虚拟地址
     pub fn do_kern_addr_fault(
-        regs: &'static TrapFrame,
+        regs: &'static mut TrapFrame,
         error_code: X86PfErrorCode,
         address: VirtAddr,
     ) {
@@ -196,7 +188,7 @@ impl X86_64MMArch {
     /// - `true`: 成功修复,可以继续执行
     /// - `false`: 无法修复,是真正的内核错误
     fn try_fixup_exception(
-        regs: &'static TrapFrame,
+        regs: &mut TrapFrame,
         _error_code: X86PfErrorCode,
         address: VirtAddr,
     ) -> bool {
@@ -215,10 +207,7 @@ impl X86_64MMArch {
             );
 
             // 修改trap frame的RIP到修复代码
-            unsafe {
-                let regs_mut = regs as *const TrapFrame as *mut TrapFrame;
-                (*regs_mut).rip = fixup_addr as u64;
-            }
+            regs.rip = fixup_addr as u64;
 
             return true;
         }
@@ -233,7 +222,7 @@ impl X86_64MMArch {
     /// - `error_code`: 错误标志
     /// - `address`: 发生缺页异常的虚拟地址
     pub unsafe fn do_user_addr_fault(
-        regs: &'static TrapFrame,
+        regs: &'static mut TrapFrame,
         error_code: X86PfErrorCode,
         address: VirtAddr,
     ) {
@@ -298,17 +287,17 @@ impl X86_64MMArch {
         };
 
         // 辅助函数：处理内核访问用户地址失败的情况
-        let handle_kernel_access_failed = || {
+        let handle_kernel_access_failed = |r: &mut TrapFrame| {
             // 如果是内核代码访问用户地址，尝试异常表修复
-            if !regs.is_from_user() {
-                if Self::try_fixup_exception(regs, error_code, address) {
+            if !r.is_from_user() {
+                if Self::try_fixup_exception(r, error_code, address) {
                     return true; // 成功修复
                 }
                 // 如果异常表中没有，说明是bug
                 error!(
                     "Kernel code at {:#x} illegally accessed user address {:#x} \
                      without exception table entry",
-                    regs.rip,
+                    r.rip,
                     address.data()
                 );
                 panic!("Illegal user space access from kernel");
@@ -333,7 +322,7 @@ impl X86_64MMArch {
                     );
 
                     // VMA不存在，检查是否需要异常表修复
-                    if handle_kernel_access_failed() {
+                    if handle_kernel_access_failed(regs) {
                         return; // 已通过异常表修复
                     }
 
@@ -358,7 +347,7 @@ impl X86_64MMArch {
                         );
 
                         // 栈溢出，检查是否需要异常表修复
-                        if handle_kernel_access_failed() {
+                        if handle_kernel_access_failed(regs) {
                             return; // 已通过异常表修复
                         }
 
@@ -386,7 +375,7 @@ impl X86_64MMArch {
                     log::error!("fault rip: {:#x}", regs.rip);
 
                     // 地址不在VMA范围内，检查是否需要异常表修复
-                    if handle_kernel_access_failed() {
+                    if handle_kernel_access_failed(regs) {
                         return; // 已通过异常表修复
                     }
 
@@ -403,7 +392,7 @@ impl X86_64MMArch {
                 );
 
                 // VMA权限错误，检查是否需要异常表修复
-                if handle_kernel_access_failed() {
+                if handle_kernel_access_failed(regs) {
                     return; // 已通过异常表修复
                 }
 
diff --git a/kernel/src/arch/x86_64/mm/mod.rs b/kernel/src/arch/x86_64/mm/mod.rs
@@ -395,13 +395,10 @@ impl MemoryManagementArch for X86_64MMArch {
     }
 
     /// 带异常表保护的内存拷贝
-    #[inline(always)]
-    unsafe fn copy_with_exception_table(dst: *mut u8, src: *const u8, len: usize) -> i32 {
-        let mut result: i32;
+    unsafe fn copy_with_exception_table(dst: *mut u8, src: *const u8, len: usize) -> usize {
+        let mut result: usize;
 
         core::arch::asm!(
-            // 保存原始值
-            "xor {result:e}, {result:e}",
 
             // 标记为可能出错的访问点
             "2:",
@@ -411,23 +408,21 @@ impl MemoryManagementArch for X86_64MMArch {
             // 正常完成,跳过错误处理
             "jmp 3f",
 
-            // 错误处理: 设置返回值为-1
+            // 错误处理: 将剩余未拷贝的字节数返回(rcx会输出出去)
             "4:",
-            "mov {result:e}, -1",
 
             "3:",
 
             // 添加异常表条目
             ".pushsection __ex_table, \"a\"",
             ".balign 8",
             ".quad 2b - .",
-            ".quad 4b - .",
+            ".quad 4b - . + 8",
             ".popsection",
 
-            result = out(reg) result,
             inout("rdi") dst => _,
             inout("rsi") src => _,
-            inout("rcx") len => _,
+            inout("rcx") len => result,
             options(att_syntax, nostack)
         );
 
@@ -446,13 +441,10 @@ impl MemoryManagementArch for X86_64MMArch {
     /// ## 返回值
     /// - 0: 成功
     /// - -1: 发生页错误
-    #[inline(always)]
-    unsafe fn memset_with_exception_table(dst: *mut u8, value: u8, len: usize) -> i32 {
-        let mut result: i32;
+    unsafe fn memset_with_exception_table(dst: *mut u8, value: u8, len: usize) -> usize {
+        let mut result: usize;
 
         core::arch::asm!(
-            // 初始化返回值为0
-            "xor {result:e}, {result:e}",
 
             // 标记为可能出错的访问点
             "2:",
@@ -463,22 +455,20 @@ impl MemoryManagementArch for X86_64MMArch {
             // 正常完成，跳过错误处理
             "jmp 3f",
 
-            // 错误处理: 设置返回值为-1
+            // 错误处理: 将剩余未设置的字节数返回
             "4:",
-            "mov {result:e}, -1",
 
             "3:",
 
             // 添加异常表条目
             ".pushsection __ex_table, \"a\"",
             ".balign 8",
             ".quad 2b - .",
-            ".quad 4b - .",
+            ".quad 4b - . + 8",
             ".popsection",
 
-            result = out(reg) result,
             inout("rdi") dst => _,
-            inout("rcx") len => _,
+            inout("rcx") len => result,
             inout("al") value => _,
             options(att_syntax, nostack)
         );
diff --git a/kernel/src/exception/extable.rs b/kernel/src/exception/extable.rs
@@ -6,22 +6,22 @@
 #[derive(Debug, Clone, Copy)]
 pub struct ExceptionTableEntry {
     /// 可能触发异常的指令地址(相对于表项地址的偏移)
-    pub insn_offset: i32,
+    pub insn_offset: i64,
     /// 修复代码地址(相对于表项地址的偏移)
-    pub fixup_offset: i32,
+    pub fixup_offset: i64,
 }
 
 impl ExceptionTableEntry {
     /// 获取指令的绝对地址
     pub fn insn_addr(&self) -> usize {
         let self_addr = self as *const Self as usize;
-        (self_addr as i64 + self.insn_offset as i64) as usize
+        (self_addr as i64 + self.insn_offset) as usize
     }
 
     /// 获取修复代码的绝对地址
     pub fn fixup_addr(&self) -> usize {
         let self_addr = self as *const Self as usize;
-        (self_addr as i64 + self.fixup_offset as i64) as usize
+        (self_addr as i64 + self.fixup_offset) as usize
     }
 }
 
diff --git a/kernel/src/mm/mod.rs b/kernel/src/mm/mod.rs
@@ -714,8 +714,8 @@ pub trait MemoryManagementArch: Clone + Copy + Debug {
     ///
     /// ## 返回值
     /// - 0: 成功
-    /// - -1: 发生页错误
-    unsafe fn copy_with_exception_table(dst: *mut u8, src: *const u8, len: usize) -> i32 {
+    /// - 其他值： 剩余未拷贝的字节数
+    unsafe fn copy_with_exception_table(dst: *mut u8, src: *const u8, len: usize) -> usize {
         // 对于不支持异常表的架构，直接使用普通的内存拷贝
         ptr::copy_nonoverlapping(src, dst, len);
         0
@@ -734,8 +734,8 @@ pub trait MemoryManagementArch: Clone + Copy + Debug {
     ///
     /// ## 返回值
     /// - 0: 成功
-    /// - -1: 发生页错误
-    unsafe fn memset_with_exception_table(dst: *mut u8, value: u8, len: usize) -> i32 {
+    /// - 其他值： 剩余未设置的字节数
+    unsafe fn memset_with_exception_table(dst: *mut u8, value: u8, len: usize) -> usize {
         // 对于不支持异常表的架构，直接使用普通的内存设置
         ptr::write_bytes(dst, value, len);
         0

Original file line number	Diff line number	Diff line change
`@@ -6,22 +6,22 @@`
`6`	`6`	`#[derive(Debug, Clone, Copy)]`
`7`	`7`	`pub struct ExceptionTableEntry {`
`8`	`8`	`/// 可能触发异常的指令地址(相对于表项地址的偏移)`
`9`		`- pub insn_offset: i32,`
	`9`	`+ pub insn_offset: i64,`
`10`	`10`	`/// 修复代码地址(相对于表项地址的偏移)`
`11`		`- pub fixup_offset: i32,`
	`11`	`+ pub fixup_offset: i64,`
`12`	`12`	`}`
`13`	`13`
`14`	`14`	`impl ExceptionTableEntry {`
`15`	`15`	`/// 获取指令的绝对地址`
`16`	`16`	`pub fn insn_addr(&self) -> usize {`
`17`	`17`	`let self_addr = self as *const Self as usize;`
`18`		`- (self_addr as i64 + self.insn_offset as i64) as usize`
	`18`	`+ (self_addr as i64 + self.insn_offset) as usize`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`/// 获取修复代码的绝对地址`
`22`	`22`	`pub fn fixup_addr(&self) -> usize {`
`23`	`23`	`let self_addr = self as *const Self as usize;`
`24`		`- (self_addr as i64 + self.fixup_offset as i64) as usize`
	`24`	`+ (self_addr as i64 + self.fixup_offset) as usize`
`25`	`25`	`}`
`26`	`26`	`}`
`27`	`27`