From owner-freebsd-audit  Tue Aug  7 11: 3:16 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from tasogare.imasy.or.jp (tasogare.imasy.or.jp [202.227.24.5])
	by hub.freebsd.org (Postfix) with ESMTP
	id D32F337B40E; Tue,  7 Aug 2001 11:03:03 -0700 (PDT)
	(envelope-from iwasaki@jp.FreeBSD.org)
Received: from localhost (iwasaki.imasy.or.jp [202.227.24.92])
	by tasogare.imasy.or.jp (8.11.3+3.4W/8.11.3/tasogare) with ESMTP/inet id f77I30I56619;
	Wed, 8 Aug 2001 03:03:00 +0900 (JST)
	(envelope-from iwasaki@jp.FreeBSD.org)
To: arch@freebsd.org
Cc: audit@freebsd.org
Subject: CFR: Some bug fixes in i386/i386/machdep.c
X-Mailer: Mew version 1.94.1 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20010808030258E.iwasaki@jp.FreeBSD.org>
Date: Wed, 08 Aug 2001 03:02:58 +0900
From: Mitsuru IWASAKI <iwasaki@jp.FreeBSD.org>
X-Dispatcher: imput version 20000228(IM140)
Lines: 135
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-audit.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-audit>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-audit>
X-Loop: FreeBSD.ORG

Hi, I've noticed that there are some bugs in i386/i386/machdep.c.
With following patches on printing, I got strange result from dmesg.

Index: machdep.c
===================================================================
RCS file: /home/ncvs/src/sys/i386/i386/machdep.c,v
retrieving revision 1.465
diff -u -r1.465 machdep.c
--- machdep.c	2001/07/26 23:06:44	1.465
+++ machdep.c	2001/08/07 17:00:43
 #endif
@@ -1969,6 +1974,22 @@
 		pmap_kenter((vm_offset_t)msgbufp + off, avail_end + off);
 
 	msgbufinit(msgbufp, MSGBUF_SIZE);
+
+	for (x = 0; x < NGDT; x++) {
+		printf("gdt_segs[%02d](sel %02x): base = %08x(%08x), limit = %08x(%08x)\n",
+		    x, x * 8, gdt_segs[x].ssd_base,
+		    gdt[x].sd.sd_hibase<<24|gdt[x].sd.sd_lobase,
+		    gdt_segs[x].ssd_limit,
+		    (gdt[x].sd.sd_hilimit<<16|gdt[x].sd.sd_lolimit));
+	}
+
+	for (x = 0; x < sizeof ldt_segs / sizeof ldt_segs[0]; x++) {
+		printf("ldt_segs[%02d](sel %02x): base = %08x(%08x), limit = %08x(%08x)\n",
+		    x, x * 8, ldt_segs[x].ssd_base,
+		    ldt[x].sd.sd_hibase<<24|ldt[x].sd.sd_lobase,
+		    ldt_segs[x].ssd_limit,
+		    (ldt[x].sd.sd_hilimit<<16|ldt[x].sd.sd_lolimit));
+	}
 
 	/* make a call gate to reenter kernel with */
 	gdp = &ldt[LSYS5CALLS_SEL].gd;


gdt_segs[00](sel 00): base = 00000000(00000000), limit = 00000000(00000000)
gdt_segs[01](sel 08): base = 00000000(00000000), limit = ffffffff(000fffff)
gdt_segs[02](sel 10): base = 00000000(00000000), limit = ffffffff(000fffff)
gdt_segs[03](sel 18): base = c0429540(c0429540), limit = ffffffff(000fffff)
gdt_segs[04](sel 20): base = c042955c(c042955c), limit = 00000067(00000067)
gdt_segs[05](sel 28): base = c0433da0(c0433da0), limit = 00000087(00000087)
gdt_segs[06](sel 30): base = c0433da0(c0433da0), limit = 00000fff(00000fff)
gdt_segs[07](sel 38): base = 00000000(00000000), limit = 00000000(00000000)
gdt_segs[08](sel 40): base = 00000400(00000400), limit = 000fffff(000fffff)
gdt_segs[09](sel 48): base = c0429a20(c0429a20), limit = 00000067(00000067)
gdt_segs[10](sel 50): base = 00000000(00000000), limit = 000fffff(000fffff)
gdt_segs[11](sel 58): base = 00000000(00000000), limit = 000fffff(000fffff)
gdt_segs[12](sel 60): base = 00000000(00000000), limit = 000fffff(000fffff)
gdt_segs[13](sel 68): base = 00000000(00000000), limit = 000fffff(000fffff)
gdt_segs[14](sel 70): base = 00000000(00000000), limit = 000fffff(000fffff)
ldt_segs[00](sel 00): base = 00000000(00000000), limit = 00000000(00000000)
ldt_segs[01](sel 08): base = 00000000(00000000), limit = 00000000(00000000)
ldt_segs[02](sel 10): base = 00000000(00000000), limit = 00000000(00000000)
ldt_segs[03](sel 18): base = 00000000(00000000), limit = 000bfc01(000bfc01)
ldt_segs[04](sel 20): base = 00000000(00000000), limit = 00000000(00000000)
ldt_segs[05](sel 28): base = 00000000(00000000), limit = 000bfbff(000bfbff)
ACPI debug layer 0x0  debug level 0x0
Copyright (c) 1992-2001 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.
FreeBSD 5.0-CURRENT #153: Wed Aug  8 00:35:09 JST 2001


The segment limit values in gdt_segs for GCODE_SEL, GDATA_SEL,
GPRIV_SEL (1, 2, 3 respectively) seems wrong for me, also GPRIV_SEL
limit is too big.
Of course ssdtosd() correct them luckily except for GPRIV_SEL.

Also I've found too early warning printing before calling cninit().
This would never warn to users.

Following is bug fixes for above problems.  Please review it.
I'll commit this weekend if no objections.

Thanks

Index: machdep.c
===================================================================
RCS file: /home/ncvs/src/sys/i386/i386/machdep.c,v
retrieving revision 1.465
diff -u -r1.465 machdep.c
--- machdep.c	2001/07/26 23:06:44	1.465
+++ machdep.c	2001/08/07 17:41:22
@@ -1782,6 +1782,7 @@
 	struct region_descriptor r_gdt, r_idt;
 #endif
 	int off;
+	int metadata_missing = 0;
 
 	proc0.p_addr = proc0paddr;
 
@@ -1791,7 +1792,7 @@
 		preload_metadata = (caddr_t)bootinfo.bi_modulep + KERNBASE;
 		preload_bootstrap_relocate(KERNBASE);
 	} else {
-		printf("WARNING: loader(8) metadata is missing!\n");
+		metadata_missing = 1;
 	}
 	if (bootinfo.bi_envp)
 		kern_envp = (caddr_t)bootinfo.bi_envp + KERNBASE;
@@ -1808,18 +1809,18 @@
 	 * XXX text protection is temporarily (?) disabled.  The limit was
 	 * i386_btop(round_page(etext)) - 1.
 	 */
-	gdt_segs[GCODE_SEL].ssd_limit = i386_btop(0) - 1;
-	gdt_segs[GDATA_SEL].ssd_limit = i386_btop(0) - 1;
+	gdt_segs[GCODE_SEL].ssd_limit = i386_btop(0 - 1);
+	gdt_segs[GDATA_SEL].ssd_limit = i386_btop(0 - 1);
 #ifdef SMP
 	gdt_segs[GPRIV_SEL].ssd_limit =
-		i386_btop(sizeof(struct privatespace)) - 1;
+		i386_btop(sizeof(struct privatespace) + PAGE_SIZE - 1);
 	gdt_segs[GPRIV_SEL].ssd_base = (int) &SMP_prvspace[0];
 	gdt_segs[GPROC0_SEL].ssd_base =
 		(int) &SMP_prvspace[0].globaldata.gd_common_tss;
 	SMP_prvspace[0].globaldata.gd_prvspace = &SMP_prvspace[0].globaldata;
 #else
 	gdt_segs[GPRIV_SEL].ssd_limit =
-		i386_btop(sizeof(struct globaldata)) - 1;
+		i386_btop(sizeof(struct globaldata) + PAGE_SIZE - 1);
 	gdt_segs[GPRIV_SEL].ssd_base = (int) &__globaldata;
 	gdt_segs[GPROC0_SEL].ssd_base =
 		(int) &__globaldata.gd_common_tss;
@@ -1920,6 +1921,10 @@
 	 */
 	cninit();
 
+	if (metadata_missing) {
+		printf("WARNING: loader(8) metadata is missing!\n");
+	}
+
 #ifdef DEV_ISA
 	isa_defaultirq();
 #endif

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message