Projects (at) Tadryanom (dot) Me

author	Tulio A M Mendes <[email protected]>
	Thu, 12 Feb 2026 07:40:52 +0000 (04:40 -0300)
committer	Tulio A M Mendes <[email protected]>
	Fri, 13 Feb 2026 02:44:55 +0000 (23:44 -0300)
commit	d35d6666f6b27d9fcdf15d3c4cbb4141efb0895e
tree	5754af042b95b74969b6cf38f560cf81255a0599	tree \| snapshot
parent	4f02dac9b065b894446e0da4dcc79998699b96fe	commit \| diff

feat: guard pages for kernel stacks — detect overflow via page fault

Replaced kmalloc(4096) kernel stack allocation with a dedicated
kstack_alloc() that uses a virtual address region (0xC8000000+)
with guard pages. Each stack slot is 2 pages:

[guard page (unmapped)] [stack page (mapped, 4KB)]

If a kernel stack overflows, the CPU hits the unmapped guard page
and triggers a page fault instead of silently corrupting heap
metadata. This eliminates the class of heap corruption bugs caused
by deep syscall call chains or large stack frames.

All 4 kernel stack allocation sites updated:
- process_init (PID 0)
- process_fork_create
- process_clone_impl
- create_kernel_thread

kstack_free() unmaps the stack page on process exit.