From owner-svn-src-head@freebsd.org  Mon May 15 20:52:45 2017
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6F8CCD6E88C;
 Mon, 15 May 2017 20:52:45 +0000 (UTC) (envelope-from kib@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 2E7131DD3;
 Mon, 15 May 2017 20:52:45 +0000 (UTC) (envelope-from kib@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v4FKqiuw025651;
 Mon, 15 May 2017 20:52:44 GMT (envelope-from kib@FreeBSD.org)
Received: (from kib@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v4FKqiHV025648;
 Mon, 15 May 2017 20:52:44 GMT (envelope-from kib@FreeBSD.org)
Message-Id: <201705152052.v4FKqiHV025648@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org
 using -f
From: Konstantin Belousov <kib@FreeBSD.org>
Date: Mon, 15 May 2017 20:52:44 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r318318 - in head/sys: amd64/acpica amd64/amd64 x86/acpica
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 May 2017 20:52:45 -0000

Author: kib
Date: Mon May 15 20:52:43 2017
New Revision: 318318
URL: https://svnweb.freebsd.org/changeset/base/318318

Log:
  Ensure that resume path on amd64 only accesses page tables for normal
  operation after processor is configured to allow all required
  features.
  
  In particular, NX must be enabled in EFER, otherwise load of page
  table element with nx bit set causes reserved bit page fault.  Since
  malloc uses direct mapping for small allocations, in particular for
  the suspension pcbs, and DMAP is nx after r316767, this commit tripped
  fault on resume path.
  
  Restore complete state of EFER while wakeup code is still executing
  with custom page table, before calling resumectx, instead of trying to
  guess which features might be needed before resumectx restored EFER on
  its own.
  
  Bisected and tested by:	trasz
  Sponsored by:	The FreeBSD Foundation
  MFC after:	2 weeks

Modified:
  head/sys/amd64/acpica/acpi_wakecode.S
  head/sys/amd64/amd64/cpu_switch.S
  head/sys/x86/acpica/acpi_wakeup.c

Modified: head/sys/amd64/acpica/acpi_wakecode.S
==============================================================================
--- head/sys/amd64/acpica/acpi_wakecode.S	Mon May 15 20:41:29 2017	(r318317)
+++ head/sys/amd64/acpica/acpi_wakecode.S	Mon May 15 20:52:43 2017	(r318318)
@@ -156,11 +156,12 @@ wakeup_32:
 	/*
 	 * Enable EFER.LME so that we get long mode when all the prereqs are
 	 * in place.  In this case, it turns on when CR0_PG is finally enabled.
-	 * Pick up a few other EFER bits that we'll use need we're here.
+	 * Also it picks up a few other EFER bits that we'll use need we're
+	 * here, like SYSCALL and NX enable.
 	 */
 	movl	$MSR_EFER, %ecx
-	rdmsr
-	orl	$EFER_LME | EFER_SCE, %eax
+	movl	wakeup_efer - wakeup_start(%ebx), %eax
+	movl	wakeup_efer + 4 - wakeup_start(%ebx), %edx
 	wrmsr
 
 	/*
@@ -276,6 +277,8 @@ wakeup_pcb:
 	.quad	0
 wakeup_ret:
 	.quad	0
+wakeup_efer:
+	.quad	0
 wakeup_gdt:
 	.word	0
 	.quad	0

Modified: head/sys/amd64/amd64/cpu_switch.S
==============================================================================
--- head/sys/amd64/amd64/cpu_switch.S	Mon May 15 20:41:29 2017	(r318317)
+++ head/sys/amd64/amd64/cpu_switch.S	Mon May 15 20:52:43 2017	(r318318)
@@ -396,7 +396,7 @@ ENTRY(resumectx)
 	movl	4 + PCB_KGSBASE(%rdi),%edx
 	wrmsr
 
-	/* Restore EFER. */
+	/* Restore EFER one more time. */
 	movl	$MSR_EFER,%ecx
 	movl	PCB_EFER(%rdi),%eax
 	wrmsr

Modified: head/sys/x86/acpica/acpi_wakeup.c
==============================================================================
--- head/sys/x86/acpica/acpi_wakeup.c	Mon May 15 20:41:29 2017	(r318317)
+++ head/sys/x86/acpica/acpi_wakeup.c	Mon May 15 20:52:43 2017	(r318318)
@@ -223,7 +223,9 @@ acpi_sleep_machdep(struct acpi_softc *sc
 		WAKECODE_FIXUP(resume_beep, uint8_t, (acpi_resume_beep != 0));
 		WAKECODE_FIXUP(reset_video, uint8_t, (acpi_reset_video != 0));
 
-#ifndef __amd64__
+#ifdef __amd64__
+		WAKECODE_FIXUP(wakeup_efer, uint64_t, rdmsr(MSR_EFER));
+#else
 		WAKECODE_FIXUP(wakeup_cr4, register_t, pcb->pcb_cr4);
 #endif
 		WAKECODE_FIXUP(wakeup_pcb, struct pcb *, pcb);