d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1.Fix smp race between kernel vm86 BIOS calling and userland vm86 mode code,

Browse Source 
remove global variable in_vm86call, set vm86 calling flag in PCB flags.

2.Fix vm86 BIOS calling preempted problem by changing vm86_lock mutex type
  from MTX_DEF to MTX_SPIN. vm86pcb is not remembered in thread struct,
  when the thread calling vm86 BIOS is preempted by interrupt thread,
  and later switching back to the thread would cause incorrect context be
  loaded into CPU registers, this leads to kernel crash.
This commit is contained in:
davidxu 2002-11-07 01:34:23 +00:00
parent eb2bab3fc0
commit 52ca7b4d7c
12 changed files with 32 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/amd64/amd64/exception.S
View File

@ -281,8 +281,9 @@ doreti_next:
*/
testl $PSL_VM,TF_EFLAGS(%esp) /* are we in vm86 mode? */
jz doreti_notvm86
cmpl $1,in_vm86call /* are we in a vm86 call? XXXSMP */
jne doreti_ast /* can handle ASTs now if not */
movl PCPU(CURPCB),%ecx
testl $PCB_VM86CALL,PCB_FLAGS(%ecx) /* are we in a vm86 call? */
jz doreti_ast /* can handle ASTS now if not */
jmp doreti_exit
doreti_notvm86:

5
sys/amd64/amd64/exception.s
View File

@ -281,8 +281,9 @@ doreti_next:
*/
testl $PSL_VM,TF_EFLAGS(%esp) /* are we in vm86 mode? */
jz doreti_notvm86
cmpl $1,in_vm86call /* are we in a vm86 call? XXXSMP */
jne doreti_ast /* can handle ASTs now if not */
movl PCPU(CURPCB),%ecx
testl $PCB_VM86CALL,PCB_FLAGS(%ecx) /* are we in a vm86 call? */
jz doreti_ast /* can handle ASTS now if not */
jmp doreti_exit
doreti_notvm86:

1
sys/amd64/amd64/genassym.c
View File

@ -146,6 +146,7 @@ ASSYM(PCB_SAVEFPU_SIZE, sizeof(union savefpu));
ASSYM(PCB_ONFAULT, offsetof(struct pcb, pcb_onfault));
ASSYM(PCB_SIZE, sizeof(struct pcb));
ASSYM(PCB_VM86CALL, PCB_VM86CALL);
ASSYM(TF_TRAPNO, offsetof(struct trapframe, tf_trapno));
ASSYM(TF_ERR, offsetof(struct trapframe, tf_err));

12
sys/amd64/amd64/trap.c
View File

@ -260,7 +260,8 @@ trap(frame)
#endif /* DEVICE_POLLING */
if ((ISPL(frame.tf_cs) == SEL_UPL) ||
((frame.tf_eflags & PSL_VM) && !in_vm86call)) {
((frame.tf_eflags & PSL_VM) &&
!(PCPU_GET(curpcb)->pcb_flags & PCB_VM86CALL))) {
/* user trap */
sticks = td->td_kse->ke_sticks;
@ -311,9 +312,7 @@ trap(frame)
case T_PROTFLT: /* general protection fault */
case T_STKFLT: /* stack fault */
if (frame.tf_eflags & PSL_VM) {
mtx_lock(&Giant);
i = vm86_emulate((struct vm86frame *)&frame);
mtx_unlock(&Giant);
if (i == 0)
goto user;
break;
@ -466,9 +465,7 @@ trap(frame)
case T_PROTFLT: /* general protection fault */
case T_STKFLT: /* stack fault */
if (frame.tf_eflags & PSL_VM) {
mtx_lock(&Giant);
i = vm86_emulate((struct vm86frame *)&frame);
mtx_unlock(&Giant);
if (i != 0)
/*
* returns to original process
@ -482,7 +479,7 @@ trap(frame)
/* FALL THROUGH */
case T_SEGNPFLT: /* segment not present fault */
if (in_vm86call)
if (PCPU_GET(curpcb)->pcb_flags & PCB_VM86CALL)
break;
if (td->td_intr_nesting_level != 0)
@ -584,7 +581,8 @@ trap(frame)
* debugging the kernel.
*/
/* XXX Giant */
if (user_dbreg_trap() && !in_vm86call) {
if (user_dbreg_trap() &&
!(PCPU_GET(curpcb)->pcb_flags & PCB_VM86CALL)) {
/*
* Reset breakpoint bits because the
* processor doesn't

2
sys/amd64/include/pcb.h
View File

@ -67,6 +67,8 @@ struct pcb {
#define PCB_DBREGS 0x02 /* process using debug registers */
#define PCB_NPXTRAP 0x04 /* npx trap pending */
#define PCB_NPXINITDONE 0x08 /* fpu state is initialized */
#define PCB_VM86CALL 0x10 /* in vm86 call */
caddr_t pcb_onfault; /* copyin/out fault recovery */
int pcb_gs;
struct pcb_ext *pcb_ext; /* optional pcb extension */

5
sys/i386/i386/exception.s
View File

@ -281,8 +281,9 @@ doreti_next:
*/
testl $PSL_VM,TF_EFLAGS(%esp) /* are we in vm86 mode? */
jz doreti_notvm86
cmpl $1,in_vm86call /* are we in a vm86 call? XXXSMP */
jne doreti_ast /* can handle ASTs now if not */
movl PCPU(CURPCB),%ecx
testl $PCB_VM86CALL,PCB_FLAGS(%ecx) /* are we in a vm86 call? */
jz doreti_ast /* can handle ASTS now if not */
jmp doreti_exit
doreti_notvm86:

1
sys/i386/i386/genassym.c
View File

@ -146,6 +146,7 @@ ASSYM(PCB_SAVEFPU_SIZE, sizeof(union savefpu));
ASSYM(PCB_ONFAULT, offsetof(struct pcb, pcb_onfault));
ASSYM(PCB_SIZE, sizeof(struct pcb));
ASSYM(PCB_VM86CALL, PCB_VM86CALL);
ASSYM(TF_TRAPNO, offsetof(struct trapframe, tf_trapno));
ASSYM(TF_ERR, offsetof(struct trapframe, tf_err));

12
sys/i386/i386/trap.c
View File

@ -260,7 +260,8 @@ trap(frame)
#endif /* DEVICE_POLLING */
if ((ISPL(frame.tf_cs) == SEL_UPL) ||
((frame.tf_eflags & PSL_VM) && !in_vm86call)) {
((frame.tf_eflags & PSL_VM) &&
!(PCPU_GET(curpcb)->pcb_flags & PCB_VM86CALL))) {
/* user trap */
sticks = td->td_kse->ke_sticks;
@ -311,9 +312,7 @@ trap(frame)
case T_PROTFLT: /* general protection fault */
case T_STKFLT: /* stack fault */
if (frame.tf_eflags & PSL_VM) {
mtx_lock(&Giant);
i = vm86_emulate((struct vm86frame *)&frame);
mtx_unlock(&Giant);
if (i == 0)
goto user;
break;
@ -466,9 +465,7 @@ trap(frame)
case T_PROTFLT: /* general protection fault */
case T_STKFLT: /* stack fault */
if (frame.tf_eflags & PSL_VM) {
mtx_lock(&Giant);
i = vm86_emulate((struct vm86frame *)&frame);
mtx_unlock(&Giant);
if (i != 0)
/*
* returns to original process
@ -482,7 +479,7 @@ trap(frame)
/* FALL THROUGH */
case T_SEGNPFLT: /* segment not present fault */
if (in_vm86call)
if (PCPU_GET(curpcb)->pcb_flags & PCB_VM86CALL)
break;
if (td->td_intr_nesting_level != 0)
@ -584,7 +581,8 @@ trap(frame)
* debugging the kernel.
*/
/* XXX Giant */
if (user_dbreg_trap() && !in_vm86call) {
if (user_dbreg_trap() &&
!(PCPU_GET(curpcb)->pcb_flags & PCB_VM86CALL)) {
/*
* Reset breakpoint bits because the
* processor doesn't

11
sys/i386/i386/vm86.c
View File

@ -425,12 +425,13 @@ vm86_initialize(void)
pcb = &vml->vml_pcb;
ext = &vml->vml_ext;
mtx_init(&vm86_lock, "vm86 lock", NULL, MTX_DEF);
mtx_init(&vm86_lock, "vm86 lock", NULL, MTX_SPIN);
bzero(pcb, sizeof(struct pcb));
pcb->new_ptd = vm86pa | PG_V | PG_RW | PG_U;
pcb->vm86_frame = vm86paddr - sizeof(struct vm86frame);
pcb->pgtable_va = vm86paddr;
pcb->pcb_flags = PCB_VM86CALL;
pcb->pcb_ext = ext;
bzero(ext, sizeof(struct pcb_ext));
@ -577,9 +578,9 @@ vm86_intcall(int intnum, struct vm86frame *vmf)
return (EINVAL);
vmf->vmf_trapno = intnum;
mtx_lock(&vm86_lock);
mtx_lock_spin(&vm86_lock);
retval = vm86_bioscall(vmf);
mtx_unlock(&vm86_lock);
mtx_unlock_spin(&vm86_lock);
return (retval);
}
@ -599,7 +600,7 @@ vm86_datacall(intnum, vmf, vmc)
u_int page;
int i, entry, retval;
mtx_lock(&vm86_lock);
mtx_lock_spin(&vm86_lock);
for (i = 0; i < vmc->npages; i++) {
page = vtophys(vmc->pmap[i].kva & PG_FRAME);
entry = vmc->pmap[i].pte_num;
@ -616,7 +617,7 @@ vm86_datacall(intnum, vmf, vmc)
pte[entry] = vmc->pmap[i].old_pte;
pmap_invalidate_page(kernel_pmap, vmc->pmap[i].kva);
}
mtx_unlock(&vm86_lock);
mtx_unlock_spin(&vm86_lock);
return (retval);
}

7
sys/i386/i386/vm86bios.s
View File

@ -44,9 +44,8 @@
.data
ALIGN_DATA
.globl in_vm86call, vm86pcb
.globl vm86pcb
in_vm86call: .long 0
vm86pcb: .long 0
.text
@ -129,8 +128,6 @@ ENTRY(vm86_bioscall)
call vm86_prepcall /* finish setup */
movl $1,in_vm86call /* set flag for trap() */
/*
* Return via doreti
*/
@ -158,8 +155,6 @@ ENTRY(vm86_biosret)
popl %eax
movl %eax,%cr3 /* install old page table */
movl $0,in_vm86call /* reset trapflag */
movl PCPU(TSS_GDT),%ebx /* entry in GDT */
movl SCR_TSS0(%edx),%eax
movl %eax,0(%ebx) /* restore first word */

2
sys/i386/include/pcb.h
View File

@ -67,6 +67,8 @@ struct pcb {
#define PCB_DBREGS 0x02 /* process using debug registers */
#define PCB_NPXTRAP 0x04 /* npx trap pending */
#define PCB_NPXINITDONE 0x08 /* fpu state is initialized */
#define PCB_VM86CALL 0x10 /* in vm86 call */
caddr_t pcb_onfault; /* copyin/out fault recovery */
int pcb_gs;
struct pcb_ext *pcb_ext; /* optional pcb extension */

1
sys/i386/include/vm86.h
View File

@ -145,7 +145,6 @@ struct vm86_intcall_args {
};
#ifdef _KERNEL
extern int in_vm86call;
extern int vm86paddr;
struct thread;