CVS commit: [netbsd-5] src/sys/arch/i386/i386

2012-10-31 Thread Jeff Rizzo
Module Name:src
Committed By:   riz
Date:   Wed Oct 31 15:34:58 UTC 2012

Modified Files:
src/sys/arch/i386/i386 [netbsd-5]: locore.S

Log Message:
Pull up following revision(s) (requested by chs in ticket #1810):
sys/arch/i386/i386/locore.S: revision 1.103
in osyscall, set the PSL_I bit into the correct field of the trapframe.
it was going into tf_eip instead of tf_eflags, which would sometimes
corrupt %eip and always return to user mode with interrupts disabled.
this was found with a netbsd 1.0 binary, and dsl@ points out that
this should also fix PR 41342.


To generate a diff of this commit:
cvs rdiff -u -r1.78.4.3 -r1.78.4.4 src/sys/arch/i386/i386/locore.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/i386/i386/locore.S
diff -u src/sys/arch/i386/i386/locore.S:1.78.4.3 src/sys/arch/i386/i386/locore.S:1.78.4.4
--- src/sys/arch/i386/i386/locore.S:1.78.4.3	Sat Apr  4 17:39:09 2009
+++ src/sys/arch/i386/i386/locore.S	Wed Oct 31 15:34:58 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: locore.S,v 1.78.4.3 2009/04/04 17:39:09 snj Exp $	*/
+/*	$NetBSD: locore.S,v 1.78.4.4 2012/10/31 15:34:58 riz Exp $	*/
 
 /*
  * Copyright-o-rama!
@@ -134,7 +134,7 @@
  */
 
 #include machine/asm.h
-__KERNEL_RCSID(0, $NetBSD: locore.S,v 1.78.4.3 2009/04/04 17:39:09 snj Exp $);
+__KERNEL_RCSID(0, $NetBSD: locore.S,v 1.78.4.4 2012/10/31 15:34:58 riz Exp $);
 
 #include opt_compat_oldboot.h
 #include opt_ddb.h
@@ -1081,7 +1081,7 @@ IDTVEC(osyscall)
 	cli			# must be first instruction
 	pushfl			# set eflags in trap frame
 	popl	8(%esp)
-	orl	$PSL_I,(%esp)	# re-enable ints on return to user
+	orl	$PSL_I,8(%esp)	# re-enable ints on return to user
 	pushl	$7		# size of instruction for restart
 	jmp	syscall1
 IDTVEC_END(osyscall)
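Review bot: The corrected offset on `popl 8(%esp)` / `orl $PSL_I,8(%esp)` is still a bare magic number, and a wrong offset is exactly the defect this pull-up fixes, so the slot should be named where the offset is used. A comment on the popl line such as `popl 8(%esp) # -> tf_eflags slot (0(%esp) is tf_eip)` lets a reader check both instructions against the frame layout without tracing the gate setup elsewhere. Presumably 8(%esp) is the dword the call gate copied in as its argument, which is why it is free to be overwritten with eflags; if so, that dependency on the gate's argument count deserves a sentence too, since changing it would silently move the slot. The osyscall entry label appears only in the hunk header, so the start of the entry is outside the hunk.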



CVS commit: [netbsd-5] src/sys/arch/i386/i386

2011-11-18 Thread Stephen Borrill
Module Name:src
Committed By:   sborrill
Date:   Fri Nov 18 21:09:24 UTC 2011

Modified Files:
src/sys/arch/i386/i386 [netbsd-5]: vector.S

Log Message:
Pull up the following revision(s) (requested by dholland in ticket #1687):
sys/arch/i386/i386/vector.S:revision 1.54

Keep interrupts disabled in NMI handler. Addresses PR/43007.


To generate a diff of this commit:
cvs rdiff -u -r1.42.6.3 -r1.42.6.4 src/sys/arch/i386/i386/vector.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/i386/i386/vector.S
diff -u src/sys/arch/i386/i386/vector.S:1.42.6.3 src/sys/arch/i386/i386/vector.S:1.42.6.4
--- src/sys/arch/i386/i386/vector.S:1.42.6.3	Thu May 20 05:51:59 2010
+++ src/sys/arch/i386/i386/vector.S	Fri Nov 18 21:09:24 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: vector.S,v 1.42.6.3 2010/05/20 05:51:59 snj Exp $	*/
+/*	$NetBSD: vector.S,v 1.42.6.4 2011/11/18 21:09:24 sborrill Exp $	*/
 
 /*
  * Copyright 2002 (c) Wasabi Systems, Inc.
@@ -65,7 +65,7 @@
  */
 
 #include machine/asm.h
-__KERNEL_RCSID(0, $NetBSD: vector.S,v 1.42.6.3 2010/05/20 05:51:59 snj Exp $);
+__KERNEL_RCSID(0, $NetBSD: vector.S,v 1.42.6.4 2011/11/18 21:09:24 sborrill Exp $);
 
 #include opt_ddb.h
 #include opt_multiprocessor.h
@@ -841,7 +841,10 @@ IDTVEC(trap00)
 IDTVEC(trap01)
 	BPTTRAP(T_TRCTRAP)
 IDTVEC(trap02)
-	ZTRAP(T_NMI)
+	pushl $0
+	pushl $(T_NMI)
+	INTRENTRY
+	jmp _C_LABEL(calltrap)
 IDTVEC(trap03)
 	BPTTRAP(T_BPTFLT)
 IDTVEC(trap04)
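Review bot: The open-coded NMI entry at trap02 carries no comment saying why it does not use ZTRAP() like every neighbouring vector, so a future cleanup is likely to fold it back into `ZTRAP(T_NMI)` and reintroduce PR/43007. Presumably ZTRAP() goes through a shared entry that re-enables interrupts before reaching calltrap, and jumping straight to `_C_LABEL(calltrap)` after `INTRENTRY` is what keeps them masked; that reasoning belongs next to the code rather than only in the commit log. I would add `# NMI: open-coded ZTRAP() that bypasses the shared entry's sti; must run with interrupts disabled (PR/43007)` above the first pushl. The IDTVEC table continues beyond both ends of the hunk.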



CVS commit: [netbsd-5] src/sys/arch/i386/i386

2010-05-19 Thread Soren Jacobsen
Module Name:src
Committed By:   snj
Date:   Thu May 20 05:51:59 UTC 2010

Modified Files:
src/sys/arch/i386/i386 [netbsd-5]: trap.c vector.S

Log Message:
Pull up following revision(s) (requested by riz in ticket #1401):
sys/arch/i386/i386/trap.c: revisions 1.251-1.253 via patch
sys/arch/i386/i386/vector.S: revisions 1.50-1.51 via patch
If we fault on the 'iret' during return to userspace (eg if %eip is outside
the bounds of %cs) then hack the stack to contain a normal fault frame
for the signal setup code (etc).
Previously the code assumed that the original user trap frame was still
present - as it is for faults when loading the segment registers.
--
If we fault on the iret during return to userspace, see if we need to
do a lazy update of %cs to make the stack executable.
If a change is made, just retry the failing sequence.
Signal handlers as gcc nested local functions now work!
--
Fix 'fault on load of %gs during retirn to userspace' to look for the
 correct instruction bytes.
Take the 'fault on load segment register' through the same path as 'fault
 on iret' so we don't have to fixup the broken stackframe that contains a
 mix of user and kernel registers,
Update comments about how the faults during return to userspace are processed.
Setting an invalid %gs in the saved context of a signal handler causes
 a SIGSEGV handler to be entered with what look like valid registers.


To generate a diff of this commit:
cvs rdiff -u -r1.241.4.1 -r1.241.4.2 src/sys/arch/i386/i386/trap.c
cvs rdiff -u -r1.42.6.2 -r1.42.6.3 src/sys/arch/i386/i386/vector.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/i386/i386/trap.c
diff -u src/sys/arch/i386/i386/trap.c:1.241.4.1 src/sys/arch/i386/i386/trap.c:1.241.4.2
--- src/sys/arch/i386/i386/trap.c:1.241.4.1	Fri Mar 27 17:25:15 2009
+++ src/sys/arch/i386/i386/trap.c	Thu May 20 05:51:59 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: trap.c,v 1.241.4.1 2009/03/27 17:25:15 msaitoh Exp $	*/
+/*	$NetBSD: trap.c,v 1.241.4.2 2010/05/20 05:51:59 snj Exp $	*/
 
 /*-
  * Copyright (c) 1998, 2000, 2005, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -68,7 +68,7 @@
  */
 
 #include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: trap.c,v 1.241.4.1 2009/03/27 17:25:15 msaitoh Exp $);
+__KERNEL_RCSID(0, $NetBSD: trap.c,v 1.241.4.2 2010/05/20 05:51:59 snj Exp $);
 
 #include opt_ddb.h
 #include opt_kgdb.h
@@ -131,6 +131,7 @@
 static inline int xmm_si_code(struct lwp *);
 void trap(struct trapframe *);
 void trap_tss(struct i386tss *, int, int);
+void trap_return_fault_return(struct trapframe *) __dead;
 
 #ifdef KVM86
 #include machine/kvm86.h
@@ -276,7 +277,7 @@
 	struct proc *p;
 	int type = frame-tf_trapno;
 	struct pcb *pcb;
-	extern char fusubail[], kcopy_fault[], trapreturn[], IDTVEC(osyscall)[];
+	extern char fusubail[], kcopy_fault[], IDTVEC(osyscall)[];
 	struct trapframe *vframe;
 	ksiginfo_t ksi;
 	void *onfault;
@@ -392,67 +393,76 @@
 
 		/*
 		 * Check for failure during return to user mode.
+		 * This can happen loading invalid values into the segment
+		 * registers, or during the 'iret' itself.
 		 *
 		 * We do this by looking at the instruction we faulted on.
 		 * The specific instructions we recognize only happen when
 		 * returning from a trap, syscall, or interrupt.
-		 *
-		 * At this point, there are (at least) two trap frames on
-		 * the kernel stack; we presume here that we faulted while
-		 * loading our registers out of the outer one.
 		 */
+
+		KSI_INIT_TRAP(ksi);
+		ksi.ksi_signo = SIGSEGV;
+		ksi.ksi_code = SEGV_ACCERR;
+		ksi.ksi_trap = type;
+
 		switch (*(u_char *)frame-tf_eip) {
 		case 0xcf:	/* iret */
-			vframe = (void *)((int)frame-tf_esp -
+			/*
+			 * The 'iret' instruction faulted, so we have the
+			 * 'user' registers saved after the kernel %eip:%cs:%fl
+			 * of the 'iret' and below that the user %eip:%cs:%fl
+			 * the 'iret' was processing.
+			 * We must delete the 3 words of kernel return address
+			 * from the stack to generate a normal stack frame
+			 * (eg for sending a SIGSEGV).
+			 */
+			vframe = (void *)((int *)frame + 3);
+			if (KERNELMODE(vframe-tf_cs, vframe-tf_eflags))
+goto we_re_toast;
+			memmove(vframe, frame,
 			offsetof(struct trapframe, tf_eip));
+			/* Set the faulting address to the user %eip */
+			ksi.ksi_addr = (void *)vframe-tf_eip;
 			break;
 		case 0x8e:
 			switch (*(uint32_t *)frame-tf_eip) {
-			case 0x0c245c8e:	/* movl 0xc(%esp,1),%ds */
-			case 0x0824448e:	/* movl 0x8(%esp,1),%es */
-			case 0x0424648e:	/* movl 0x4(%esp,1),%fs */
-			case 0x00246c8e:	/* movl 0x0(%esp,1),%gs */
+			case 0x8e242c8e:	/* mov (%esp,%gs), then */
+			case 0x0424648e:	/* mov 0x4(%esp),%fs */
+			case 0x0824448e:	/* mov 0x8(%esp),%es */
+			case 0x0c245c8e:	/* mov 0xc(%esp),%ds */
 break;
 			default:
 goto we_re_toast;
 			}
-			vframe = (void *)(int)frame-tf_esp;
+			/*
+			 * We faulted loading 

CVS commit: [netbsd-5] src/sys/arch/i386/i386

2010-02-16 Thread Manuel Bouyer
Module Name:src
Committed By:   bouyer
Date:   Tue Feb 16 21:24:15 UTC 2010

Modified Files:
src/sys/arch/i386/i386 [netbsd-5]: ibcs2_machdep.c svr4_machdep.c

Log Message:
Pull up following revision(s) (requested by drochner in ticket #1307):
sys/arch/i386/i386/svr4_machdep.c: revision 1.96
sys/arch/i386/i386/ibcs2_machdep.c: revision 1.40
fix confused CS selector, fixes the panic reported by Mark Davis
per PR port-i386/42787 (the panic happens due to a GPF when an attempt
is made to load a privileged descriptor with the UPL bit set)
The original bug is very old (pre-2.0, i386/svr4_machdep.c rev. 1.69),
but it was relatively harmless until the order of GDT entries was
shuffled (pre-5.0, i386/segments.h rev. 1.42). Before, it caused
a userlevel data selector to be used for CS which broke the emulation
(likely the reason of PR port-i386/32424). The shuffle made that
a privileged selector was used, causing the GPF.
(recent -current doesn't panic on that GPF which seems to be a
side effect of another change)


To generate a diff of this commit:
cvs rdiff -u -r1.36 -r1.36.10.1 src/sys/arch/i386/i386/ibcs2_machdep.c
cvs rdiff -u -r1.92 -r1.92.4.1 src/sys/arch/i386/i386/svr4_machdep.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/i386/i386/ibcs2_machdep.c
diff -u src/sys/arch/i386/i386/ibcs2_machdep.c:1.36 src/sys/arch/i386/i386/ibcs2_machdep.c:1.36.10.1
--- src/sys/arch/i386/i386/ibcs2_machdep.c:1.36	Mon Apr 28 20:23:24 2008
+++ src/sys/arch/i386/i386/ibcs2_machdep.c	Tue Feb 16 21:24:15 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: ibcs2_machdep.c,v 1.36 2008/04/28 20:23:24 martin Exp $	*/
+/*	$NetBSD: ibcs2_machdep.c,v 1.36.10.1 2010/02/16 21:24:15 bouyer Exp $	*/
 
 /*-
  * Copyright (c) 1997, 2000 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: ibcs2_machdep.c,v 1.36 2008/04/28 20:23:24 martin Exp $);
+__KERNEL_RCSID(0, $NetBSD: ibcs2_machdep.c,v 1.36.10.1 2010/02/16 21:24:15 bouyer Exp $);
 
 #if defined(_KERNEL_OPT)
 #include opt_vm86.h
@@ -78,7 +78,7 @@
 		pcb-pcb_savefpu.sv_87.sv_env.en_cw = __iBCS2_NPXCW__;
 	tf = l-l_md.md_regs;
 	tf-tf_eax = 0x200;		/* XXX base of heap */
-	tf-tf_cs = GSEL(LUCODEBIG_SEL, SEL_UPL);
+	tf-tf_cs = GSEL(GUCODEBIG_SEL, SEL_UPL);
 }
 
 /*
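Review bot: Nothing at the corrected `tf->tf_cs = GSEL(GUCODEBIG_SEL, SEL_UPL);` line stops the LDT/GDT selector mix-up from recurring, and the commit message notes it survived for years only because the wrong index happened to be harmless until the GDT was reordered. A short comment on the assignment, `/* GDT selector: GSEL() takes a G*_SEL index, never an L*_SEL (LDT) one; see PR port-i386/42787 */`, records the constraint at the place the next emulation setup routine is likely to be copied from. The same fix and the same comment apply to the svr4_machdep.c hunk below. The enclosing function's signature is outside the hunk.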

Index: src/sys/arch/i386/i386/svr4_machdep.c
diff -u src/sys/arch/i386/i386/svr4_machdep.c:1.92 src/sys/arch/i386/i386/svr4_machdep.c:1.92.4.1
--- src/sys/arch/i386/i386/svr4_machdep.c:1.92	Fri Sep 19 19:15:58 2008
+++ src/sys/arch/i386/i386/svr4_machdep.c	Tue Feb 16 21:24:15 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: svr4_machdep.c,v 1.92 2008/09/19 19:15:58 christos Exp $	 */
+/*	$NetBSD: svr4_machdep.c,v 1.92.4.1 2010/02/16 21:24:15 bouyer Exp $	 */
 
 /*-
  * Copyright (c) 1994, 2000 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: svr4_machdep.c,v 1.92 2008/09/19 19:15:58 christos Exp $);
+__KERNEL_RCSID(0, $NetBSD: svr4_machdep.c,v 1.92.4.1 2010/02/16 21:24:15 bouyer Exp $);
 
 #if defined(_KERNEL_OPT)
 #include opt_vm86.h
@@ -119,7 +119,7 @@
 		pcb-pcb_savefpu.sv_xmm.sv_env.en_cw = __SVR4_NPXCW__;
 	else
 		pcb-pcb_savefpu.sv_87.sv_env.en_cw = __SVR4_NPXCW__;
-	tf-tf_cs = GSEL(LUCODEBIG_SEL, SEL_UPL);
+	tf-tf_cs = GSEL(GUCODEBIG_SEL, SEL_UPL);
 }
 
 void *



CVS commit: [netbsd-5] src/sys/arch/i386/i386

2009-04-10 Thread Soren Jacobsen
Module Name:src
Committed By:   snj
Date:   Fri Apr 10 18:10:46 UTC 2009

Modified Files:
src/sys/arch/i386/i386 [netbsd-5]: kvm86.c

Log Message:
Pull up following revision(s) (requested by sborrill in ticket #683):
sys/arch/i386/i386/kvm86.c: revision 1.18
Add missing cpu.h include required by last commit.


To generate a diff of this commit:
cvs rdiff -u -r1.15.12.1 -r1.15.12.2 src/sys/arch/i386/i386/kvm86.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/arch/i386/i386/kvm86.c
diff -u src/sys/arch/i386/i386/kvm86.c:1.15.12.1 src/sys/arch/i386/i386/kvm86.c:1.15.12.2
--- src/sys/arch/i386/i386/kvm86.c:1.15.12.1	Sat Apr  4 17:39:09 2009
+++ src/sys/arch/i386/i386/kvm86.c	Fri Apr 10 18:10:46 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: kvm86.c,v 1.15.12.1 2009/04/04 17:39:09 snj Exp $ */
+/* $NetBSD: kvm86.c,v 1.15.12.2 2009/04/10 18:10:46 snj Exp $ */
 
 /*
  * Copyright (c) 2002
@@ -27,7 +27,7 @@
  */
 
 #include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: kvm86.c,v 1.15.12.1 2009/04/04 17:39:09 snj Exp $);
+__KERNEL_RCSID(0, $NetBSD: kvm86.c,v 1.15.12.2 2009/04/10 18:10:46 snj Exp $);
 
 #include opt_multiprocessor.h
 
@@ -37,6 +37,7 @@
 #include sys/user.h
 #include sys/malloc.h
 #include sys/mutex.h
+#include sys/cpu.h
 
 #include uvm/uvm.h