Module Name: src Committed By: maxv Date: Sat Jul 1 10:44:43 UTC 2017
Modified Files: src/sys/arch/amd64/amd64: locore.S src/sys/arch/i386/i386: locore.S machdep.c trap.c Log Message: Remove the osyscall call gate on i386, and emulate it. There is a one-instruction race in it that could panic the kernel. To generate a diff of this commit: cvs rdiff -u -r1.123 -r1.124 src/sys/arch/amd64/amd64/locore.S cvs rdiff -u -r1.145 -r1.146 src/sys/arch/i386/i386/locore.S cvs rdiff -u -r1.782 -r1.783 src/sys/arch/i386/i386/machdep.c cvs rdiff -u -r1.287 -r1.288 src/sys/arch/i386/i386/trap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/amd64/amd64/locore.S
diff -u src/sys/arch/amd64/amd64/locore.S:1.123 src/sys/arch/amd64/amd64/locore.S:1.124
--- src/sys/arch/amd64/amd64/locore.S:1.123	Sat Mar 25 15:07:21 2017
+++ src/sys/arch/amd64/amd64/locore.S	Sat Jul 1 10:44:42 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: locore.S,v 1.123 2017/03/25 15:07:21 maxv Exp $ */
+/* $NetBSD: locore.S,v 1.124 2017/07/01 10:44:42 maxv Exp $ */
 
 /*
  * Copyright-o-rama!
@@ -1409,7 +1409,6 @@ IDTVEC(osyscall)
 	addq	$0x10,%rsp
 #endif
 	pushq	$2		/* size of instruction for restart */
-osyscall1:
 	pushq	$T_ASTFLT	/* trap # for doing ASTs */
 	INTRENTRY
 	STI(si)
Index: src/sys/arch/i386/i386/locore.S
diff -u src/sys/arch/i386/i386/locore.S:1.145 src/sys/arch/i386/i386/locore.S:1.146
--- src/sys/arch/i386/i386/locore.S:1.145	Thu Feb 2 19:12:09 2017
+++ src/sys/arch/i386/i386/locore.S	Sat Jul 1 10:44:42 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: locore.S,v 1.145 2017/02/02 19:12:09 maxv Exp $ */
+/* $NetBSD: locore.S,v 1.146 2017/07/01 10:44:42 maxv Exp $ */
 
 /*
  * Copyright-o-rama!
@@ -128,7 +128,7 @@
  */
 
 #include <machine/asm.h>
-__KERNEL_RCSID(0, "$NetBSD: locore.S,v 1.145 2017/02/02 19:12:09 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: locore.S,v 1.146 2017/07/01 10:44:42 maxv Exp $");
 
 #include "opt_compat_oldboot.h"
 #include "opt_copy_symtab.h"
@@ -1239,30 +1239,12 @@ ENTRY(savectx)
 END(savectx)
 
 /*
- * osyscall()
- *
- * Old call gate entry for syscall
- */
-IDTVEC(osyscall)
-#ifndef XEN
-	/* XXX we are in trouble! interrupts be off here. */
-	cli			/* must be first instruction */
-#endif
-	pushfl			/* set eflags in trap frame */
-	popl	8(%esp)
-	orl	$PSL_I,8(%esp)	/* re-enable ints on return to user */
-	pushl	$7		/* size of instruction for restart */
-	jmp	syscall1
-IDTVEC_END(osyscall)
-
-/*
  * syscall()
  *
  * Trap gate entry for syscall
  */
 IDTVEC(syscall)
 	pushl	$2		/* size of instruction for restart */
-syscall1:
 	pushl	$T_ASTFLT	/* trap # for doing ASTs */
 	INTRENTRY
 	STI(%eax)
Index: src/sys/arch/i386/i386/machdep.c
diff -u src/sys/arch/i386/i386/machdep.c:1.782 src/sys/arch/i386/i386/machdep.c:1.783
--- src/sys/arch/i386/i386/machdep.c:1.782	Fri Mar 24 17:09:36 2017
+++ src/sys/arch/i386/i386/machdep.c	Sat Jul 1 10:44:42 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: machdep.c,v 1.782 2017/03/24 17:09:36 maxv Exp $ */
+/* $NetBSD: machdep.c,v 1.783 2017/07/01 10:44:42 maxv Exp $ */
 
 /*-
  * Copyright (c) 1996, 1997, 1998, 2000, 2004, 2006, 2008, 2009
@@ -67,7 +67,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.782 2017/03/24 17:09:36 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.783 2017/07/01 10:44:42 maxv Exp $");
 
 #include "opt_beep.h"
 #include "opt_compat_ibcs2.h"
@@ -933,7 +933,6 @@ setsegment(struct segment_descriptor *sd
 #define IDTVEC(name) __CONCAT(X, name)
 typedef void (vector)(void);
 extern vector IDTVEC(syscall);
-extern vector IDTVEC(osyscall);
 extern vector *IDTVEC(exceptions)[];
 extern vector IDTVEC(svr4_fasttrap);
 void (*svr4_fasttrap_vec)(void) = (void (*)(void))nullop;
@@ -1290,14 +1289,9 @@ init386(paddr_t first_avail)
 #endif /* XEN */
 
 	/* make ldt gates and memory segments */
-	setgate(&ldtstore[LSYS5CALLS_SEL].gd, &IDTVEC(osyscall), 1,
-	    SDT_SYS386CGT, SEL_UPL, GSEL(GCODE_SEL, SEL_KPL));
-
 	ldtstore[LUCODE_SEL] = gdtstore[GUCODE_SEL];
 	ldtstore[LUCODEBIG_SEL] = gdtstore[GUCODEBIG_SEL];
 	ldtstore[LUDATA_SEL] = gdtstore[GUDATA_SEL];
-	ldtstore[LSOL26CALLS_SEL] = ldtstore[LBSDICALLS_SEL] =
-	    ldtstore[LSYS5CALLS_SEL];
 
 #ifndef XEN
 	/* exceptions */
Index: src/sys/arch/i386/i386/trap.c
diff -u src/sys/arch/i386/i386/trap.c:1.287 src/sys/arch/i386/i386/trap.c:1.288
--- src/sys/arch/i386/i386/trap.c:1.287	Sat Mar 18 13:39:23 2017
+++ src/sys/arch/i386/i386/trap.c	Sat Jul 1 10:44:42 2017
@@ -1,5 +1,5 @@
-/* $NetBSD: trap.c,v 1.287 2017/03/18 13:39:23 maxv Exp $ */
+/* $NetBSD: trap.c,v 1.288 2017/07/01 10:44:42 maxv Exp $ */
 
 /*-
  * Copyright (c) 1998, 2000, 2005, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -69,7 +69,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.287 2017/03/18 13:39:23 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.288 2017/07/01 10:44:42 maxv Exp $");
 
 #include "opt_ddb.h"
 #include "opt_kgdb.h"
@@ -78,6 +78,7 @@ __KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.2
 #include "opt_vm86.h"
 #include "opt_xen.h"
 #include "opt_dtrace.h"
+#include "opt_compat_netbsd.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -250,8 +251,7 @@ trap(struct trapframe *frame)
 	struct lwp *l = curlwp;
 	struct proc *p;
 	struct pcb *pcb;
-	extern char fusubail[], kcopy_fault[], return_address_fault[],
-	    IDTVEC(osyscall)[];
+	extern char fusubail[], kcopy_fault[], return_address_fault[];
 	struct trapframe *vframe;
 	ksiginfo_t ksi;
 	void *onfault;
@@ -418,6 +418,26 @@ kernelfault:
 		/* NOTREACHED */
 
 	case T_PROTFLT|T_USER:		/* protection fault */
+#if defined(COMPAT_10)
+	{
+		static const char lcall[7] = { 0x9a, 0, 0, 0, 0, 7, 0 };
+		const size_t sz = sizeof(lcall);
+		char tmp[sz];
+
+		/* Check for the osyscall lcall instruction. */
+		if (frame->tf_eip < VM_MAXUSER_ADDRESS - sz &&
+		    copyin((void *)frame->tf_eip, tmp, sz) == 0 &&
+		    memcmp(tmp, lcall, sz) == 0) {
+
+			/* Advance past the lcall. */
+			frame->tf_eip += sz;
+
+			/* Do the syscall. */
+			p->p_md.md_syscall(frame);
+			goto out;
+		}
+	}
+#endif
 	case T_TSSFLT|T_USER:
 	case T_SEGNPFLT|T_USER:
 	case T_STKFLT|T_USER:
@@ -710,13 +730,6 @@ faultcommon:
 		if (x86_dbregs_user_trap())
 			break;
 
-		/* Check whether they single-stepped into a lcall. */
-		if (frame->tf_eip == (int)IDTVEC(osyscall))
-			return;
-		if (frame->tf_eip == (int)IDTVEC(osyscall) + 1) {
-			frame->tf_eflags &= ~PSL_T;
-			return;
-		}
 		goto we_re_toast;
 
 	case T_BPTFLT|T_USER:		/* bpt instruction fault */
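Review bot: The emulated path in the T_PROTFLT|T_USER block never records the restart length, so a syscall that returns ERESTART (interrupted by a signal) would be rewound by whatever the CPU pushed as the #GP error code rather than by the 7 bytes of the lcall; the call-gate entry this commit removes pushed `$7 /* size of instruction for restart */` into that trap-frame slot for exactly this reason, so the emulation should do the same, `frame->tf_err = sz;` right after `frame->tf_eip += sz;` (assuming the i386 syscall return path rewinds tf_eip by tf_err, as the locore comments suggest; confirm in syscall.c). Separately, `char tmp[sz]` is a VLA because a `const size_t` is not a constant expression in C; `char tmp[sizeof(lcall)]` keeps it a fixed-size array. Note also that only the `$7` selector encoding is matched, so the LSOL26CALLS_SEL/LBSDICALLS_SEL aliases dropped in the machdep.c hunk are no longer served at all; if that is intended, a one-line comment such as `/* Only the native LSYS5CALLS_SEL gate is emulated. */` would save the next reader a search. trap() starts and ends outside this hunk.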