Date:      Wed, 19 Jan 2011 19:18:07 +0200
From:      Kostik Belousov <kostikbel@gmail.com>
To:        Jung-uk Kim <jkim@freebsd.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r217587 - head/sys/i386/i386
Message-ID:  <20110119171807.GA2518@deviant.kiev.zoral.com.ua>
In-Reply-To: <201101191709.p0JH97ZD083132@svn.freebsd.org>
References:  <201101191709.p0JH97ZD083132@svn.freebsd.org>

On Wed, Jan 19, 2011 at 05:09:07PM +0000, Jung-uk Kim wrote:
> Author: jkim
> Date: Wed Jan 19 17:09:07 2011
> New Revision: 217587
> URL: http://svn.freebsd.org/changeset/base/217587
>
> Log:
>   Fix yet another fallout from r208833.  VM86 BIOS call may cause page fault
>   when FPU is in use.
>
>   Reported by:	Marc UBM Bocklet (ubm dot freebsd at googlemail dot com)
>   Tested by:	b. f. (bf1783 at googlemail dot com)
>   MFC after:	3 days
>
> Modified:
>   head/sys/i386/i386/vm86bios.s
>
> Modified: head/sys/i386/i386/vm86bios.s
> ==============================================================================
> --- head/sys/i386/i386/vm86bios.s	Wed Jan 19 17:04:07 2011	(r217586)
> +++ head/sys/i386/i386/vm86bios.s	Wed Jan 19 17:09:07 2011	(r217587)
> @@ -73,10 +73,9 @@ ENTRY(vm86_bioscall)
>  	je 	1f			/* no curproc/npxproc */
>  	pushl	%edx
>  	movl	TD_PCB(%ecx),%ecx
> -	addl	$PCB_SAVEFPU,%ecx
> -	pushl	%ecx
> +	pushl	PCB_SAVEFPU(%ecx)
>  	call	npxsave
> -	popl	%ecx
> +	addl	$4,%esp
>  	popl	%edx			/* recover our pcb */
>  1:
>  	popfl
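
Review bot: the log message ("may cause page fault when FPU is in use") should say why the old code faulted: the removed `addl $PCB_SAVEFPU,%ecx` / `pushl %ecx` handed npxsave the address of the pcb's PCB_SAVEFPU field, while the replacement `pushl PCB_SAVEFPU(%ecx)` passes the field's contents, so the field now holds a pointer to the save area rather than being the save area, and npxsave was being given the wrong address. A short comment at the new `pushl` noting that PCB_SAVEFPU is a pointer as of r208833 would keep the next reader from having to dig up that revision to see why the two forms differ. The only guard before the push is the `je 1f /* no curproc/npxproc */` branch above it; if the pointer stored in PCB_SAVEFPU can be unset for a thread that passes that test, nothing in the hunk checks it before npxsave is called. Replacing `popl %ecx` with `addl $4,%esp` is fine: %ecx is dead after the call, and only %edx is restored afterwards.
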
vm86_bioscall() in fact inlines the old version of npxexit().
Shouldn't npxexit() be called from C code before the call to
vm86_bioscall?

Also, if bioscall can be used from the syscall context, I think that
whichever of npxsave()/npxexit() is used, if the BIOS modifies FPU
state, we are corrupting the usermode FPU context.

Probably fpu_kern_enter()/fpu_kern_leave() braces around vm86_bioscall
are the proper solution.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (FreeBSD)

iEYEARECAAYFAk03HM4ACgkQC3+MBN1Mb4gPWQCfTYpj25dyrceaOrmyYExO+Bpm
uUMAoIUUH5eMvveKA7peZujUuRfBSJCE
=WeQF
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110119171807.GA2518>