349216589d
Split the handlers for pop of invalid selectors from the trap frame into usermode and kernel variants. The usermode handler is kept as is; it restores the already loaded parts of the trap frame and jumps to set up signal delivery to the user process. The new kernel part of the handler emulates the IRET treatment of segments which would violate access rights: it loads a NUL selector into the segment register whose load causes the fault, and then continues the return to the interrupted kernel code.

Since invalid selectors in the segment registers in kernel mode can only exist while the kernel still enters or exits from userspace, we only zero invalid userspace selectors. If userspace tries to use the segment register, it gets a signal, as if the processor segment descriptor cache was reloaded.

Reported by:	Maxime Villard <max@m00nbsd.net>
Suggested and reviewed by:	bde
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
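The return-path behaviour described in the message, as an added model that is not FreeBSD's exceptions.S or trap.c: a constructed five-entry GDT, a cut-down trap frame, and the x86 access checks that a `mov` into %ds/%es/%fs/%gs performs. A load that would fault is dispatched on the RPL of the frame's CS: a frame returning to usermode is left intact for signal delivery, while a frame returning to kernel code gets the offending selector replaced with the NUL selector and the return continues. All names, the descriptor layout and the sample selector values are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed descriptor model: only the fields the load checks need. */
struct gdt_entry {
    bool present;
    unsigned dpl;       /* descriptor privilege level, 0..3 */
    bool data;          /* true: data segment, false: code segment */
    bool readable;      /* code segments only */
    bool conforming;    /* code segments only */
};

#define SEL_INDEX(sel) ((sel) >> 3)
#define SEL_TI(sel)    (((sel) >> 2) & 1)
#define SEL_RPL(sel)   ((sel) & 3)
#define SEL_UPL        3

/* Constructed GDT: 0 null, 1 kernel code, 2 kernel data, 3 user code, 4 user data. */
static const struct gdt_entry gdt[] = {
    { false, 0, false, false, false },
    { true,  0, false, true,  false },
    { true,  0, true,  false, false },
    { true,  3, false, true,  false },
    { true,  3, true,  false, false },
};
#define GDT_NENT (sizeof(gdt) / sizeof(gdt[0]))

/* Would 'mov sel, %ds/%es/%fs/%gs' executed at privilege level cpl fault?
 * No LDT is modelled, so any TI=1 selector is treated as invalid. */
bool data_seg_load_faults(uint16_t sel, unsigned cpl)
{
    if (SEL_TI(sel) == 0 && SEL_INDEX(sel) == 0)
        return false;               /* NUL selector loads; using the register faults later */
    if (SEL_TI(sel) != 0 || SEL_INDEX(sel) >= GDT_NENT)
        return true;                /* #GP: index past the table limit */
    const struct gdt_entry *d = &gdt[SEL_INDEX(sel)];
    if (!d->data && !d->readable)
        return true;                /* #GP: execute-only code segment */
    if ((d->data || !d->conforming) && (SEL_RPL(sel) > d->dpl || cpl > d->dpl))
        return true;                /* #GP: RPL/CPL above the descriptor's DPL */
    if (!d->present)
        return true;                /* #NP: segment not present */
    return false;
}

/* Cut-down trap frame: the saved data selectors and the CS being returned to. */
struct trapframe {
    uint16_t tf_ds, tf_es, tf_fs, tf_gs;
    uint16_t tf_cs;
};

enum action {
    ACT_NONE,           /* every selector loaded, normal iret */
    ACT_SIGNAL,         /* usermode variant: frame kept, signal delivered to the process */
    ACT_RESUME_KERNEL   /* kernel variant: faulting selector(s) zeroed, return continues */
};

/* Model of the selector pops on the return path; the pops run in kernel mode (CPL 0). */
enum action restore_segs(struct trapframe *tf)
{
    uint16_t *slots[] = { &tf->tf_gs, &tf->tf_fs, &tf->tf_es, &tf->tf_ds };
    enum action act = ACT_NONE;

    for (size_t i = 0; i < 4; i++) {
        if (!data_seg_load_faults(*slots[i], 0))
            continue;
        if (SEL_RPL(tf->tf_cs) == SEL_UPL)
            return ACT_SIGNAL;      /* leave the frame as it is for signal delivery */
        /* Frame returns to kernel code: the invalid selector is the interrupted
         * user's, so emulate IRET and load the NUL selector instead. */
        *slots[i] = 0;
        act = ACT_RESUME_KERNEL;
    }
    return act;
}

int main(void)
{
    /* Nested interrupt taken while user selectors were live: cs is kernel code. */
    struct trapframe k = { 0x23, 0x23, 0x3b, 0x13, 0x08 };
    enum action a = restore_segs(&k);
    printf("kernel frame: action %d fs=%#x gs=%#x ds=%#x\n", a, k.tf_fs, k.tf_gs, k.tf_ds);

    /* Plain return to userspace with a bad %fs: the process gets a signal. */
    struct trapframe u = { 0x23, 0x23, 0x3b, 0x23, 0x1b };
    printf("user frame: action %d fs=%#x\n", restore_segs(&u), u.tf_fs);
    return 0;
}
```

Selector 0x3b indexes past the constructed GDT and 0x13 is a user-RPL selector for the kernel data descriptor, so both fault on load; in the kernel-frame case they are zeroed and the return resumes, in the user-frame case the frame is untouched and the handler falls through to signal delivery.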