1 /*- 2 * SPDX-License-Identifier: BSD-4-Clause 3 * 4 * Copyright (c) 2018 The FreeBSD Foundation 5 * Copyright (c) 1992 Terrence R. Lambert. 6 * Copyright (c) 1982, 1987, 1990 The Regents of the University of California. 7 * All rights reserved. 8 * 9 * This code is derived from software contributed to Berkeley by 10 * William Jolitz. 11 * 12 * Portions of this software were developed by A. Joseph Koshy under 13 * sponsorship from the FreeBSD Foundation and Google, Inc. 14 * 15 * Redistribution and use in source and binary forms, with or without 16 * modification, are permitted provided that the following conditions 17 * are met: 18 * 1. Redistributions of source code must retain the above copyright 19 * notice, this list of conditions and the following disclaimer. 20 * 2. Redistributions in binary form must reproduce the above copyright 21 * notice, this list of conditions and the following disclaimer in the 22 * documentation and/or other materials provided with the distribution. 23 * 3. All advertising materials mentioning features or use of this software 24 * must display the following acknowledgement: 25 * This product includes software developed by the University of 26 * California, Berkeley and its contributors. 27 * 4. Neither the name of the University nor the names of its contributors 28 * may be used to endorse or promote products derived from this software 29 * without specific prior written permission. 30 * 31 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 32 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 33 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 34 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 35 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 36 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 39 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 40 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 41 * SUCH DAMAGE. 42 * 43 * from: @(#)machdep.c 7.4 (Berkeley) 6/3/91 44 */ 45 46 #include <sys/cdefs.h> 47 __FBSDID("$FreeBSD$"); 48 49 #include "opt_cpu.h" 50 #include "opt_ddb.h" 51 #include "opt_kstack_pages.h" 52 53 #include <sys/param.h> 54 #include <sys/proc.h> 55 #include <sys/systm.h> 56 #include <sys/exec.h> 57 #include <sys/imgact.h> 58 #include <sys/kdb.h> 59 #include <sys/kernel.h> 60 #include <sys/ktr.h> 61 #include <sys/linker.h> 62 #include <sys/lock.h> 63 #include <sys/malloc.h> 64 #include <sys/mutex.h> 65 #include <sys/pcpu.h> 66 #include <sys/ptrace.h> 67 #include <sys/reg.h> 68 #include <sys/rwlock.h> 69 #include <sys/signalvar.h> 70 #include <sys/syscallsubr.h> 71 #include <sys/sysctl.h> 72 #include <sys/sysent.h> 73 #include <sys/sysproto.h> 74 #include <sys/ucontext.h> 75 #include <sys/vmmeter.h> 76 77 #include <vm/vm.h> 78 #include <vm/vm_param.h> 79 #include <vm/vm_extern.h> 80 #include <vm/vm_kern.h> 81 #include <vm/vm_page.h> 82 #include <vm/vm_map.h> 83 #include <vm/vm_object.h> 84 85 #ifdef DDB 86 #ifndef KDB 87 #error KDB must be enabled in order for DDB to work! 88 #endif 89 #include <ddb/ddb.h> 90 #include <ddb/db_sym.h> 91 #endif 92 93 #include <machine/cpu.h> 94 #include <machine/cputypes.h> 95 #include <machine/md_var.h> 96 #include <machine/pcb.h> 97 #include <machine/pcb_ext.h> 98 #include <machine/proc.h> 99 #include <machine/sigframe.h> 100 #include <machine/specialreg.h> 101 #include <machine/sysarch.h> 102 #include <machine/trap.h> 103 104 static void fpstate_drop(struct thread *td); 105 static void get_fpcontext(struct thread *td, mcontext_t *mcp, 106 char *xfpusave, size_t xfpusave_len); 107 static int set_fpcontext(struct thread *td, mcontext_t *mcp, 108 char *xfpustate, size_t xfpustate_len); 109 #ifdef COMPAT_43 110 static void osendsig(sig_t catcher, ksiginfo_t *, sigset_t *mask); 111 #endif 112 #ifdef COMPAT_FREEBSD4 113 static void freebsd4_sendsig(sig_t catcher, ksiginfo_t *, sigset_t *mask); 114 #endif 115 116 extern struct sysentvec elf32_freebsd_sysvec; 117 118 /* 119 * Send an interrupt to process. 120 * 121 * Stack is set up to allow sigcode stored at top to call routine, 122 * followed by call to sigreturn routine below. After sigreturn 123 * resets the signal mask, the stack, and the frame pointer, it 124 * returns to the user specified pc, psl. 125 */ 126 #ifdef COMPAT_43 127 static void 128 osendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 129 { 130 struct osigframe sf, *fp; 131 struct proc *p; 132 struct thread *td; 133 struct sigacts *psp; 134 struct trapframe *regs; 135 int sig; 136 int oonstack; 137 138 td = curthread; 139 p = td->td_proc; 140 PROC_LOCK_ASSERT(p, MA_OWNED); 141 sig = ksi->ksi_signo; 142 psp = p->p_sigacts; 143 mtx_assert(&psp->ps_mtx, MA_OWNED); 144 regs = td->td_frame; 145 oonstack = sigonstack(regs->tf_esp); 146 147 /* Allocate space for the signal handler context. */ 148 if ((td->td_pflags & TDP_ALTSTACK) && !oonstack && 149 SIGISMEMBER(psp->ps_sigonstack, sig)) { 150 fp = (struct osigframe *)((uintptr_t)td->td_sigstk.ss_sp + 151 td->td_sigstk.ss_size - sizeof(struct osigframe)); 152 #if defined(COMPAT_43) 153 td->td_sigstk.ss_flags |= SS_ONSTACK; 154 #endif 155 } else 156 fp = (struct osigframe *)regs->tf_esp - 1; 157 158 /* Build the argument list for the signal handler. */ 159 sf.sf_signum = sig; 160 sf.sf_scp = (register_t)&fp->sf_siginfo.si_sc; 161 bzero(&sf.sf_siginfo, sizeof(sf.sf_siginfo)); 162 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 163 /* Signal handler installed with SA_SIGINFO. */ 164 sf.sf_arg2 = (register_t)&fp->sf_siginfo; 165 sf.sf_siginfo.si_signo = sig; 166 sf.sf_siginfo.si_code = ksi->ksi_code; 167 sf.sf_ahu.sf_action = (__osiginfohandler_t *)catcher; 168 sf.sf_addr = 0; 169 } else { 170 /* Old FreeBSD-style arguments. */ 171 sf.sf_arg2 = ksi->ksi_code; 172 sf.sf_addr = (register_t)ksi->ksi_addr; 173 sf.sf_ahu.sf_handler = catcher; 174 } 175 mtx_unlock(&psp->ps_mtx); 176 PROC_UNLOCK(p); 177 178 /* Save most if not all of trap frame. */ 179 sf.sf_siginfo.si_sc.sc_eax = regs->tf_eax; 180 sf.sf_siginfo.si_sc.sc_ebx = regs->tf_ebx; 181 sf.sf_siginfo.si_sc.sc_ecx = regs->tf_ecx; 182 sf.sf_siginfo.si_sc.sc_edx = regs->tf_edx; 183 sf.sf_siginfo.si_sc.sc_esi = regs->tf_esi; 184 sf.sf_siginfo.si_sc.sc_edi = regs->tf_edi; 185 sf.sf_siginfo.si_sc.sc_cs = regs->tf_cs; 186 sf.sf_siginfo.si_sc.sc_ds = regs->tf_ds; 187 sf.sf_siginfo.si_sc.sc_ss = regs->tf_ss; 188 sf.sf_siginfo.si_sc.sc_es = regs->tf_es; 189 sf.sf_siginfo.si_sc.sc_fs = regs->tf_fs; 190 sf.sf_siginfo.si_sc.sc_gs = rgs(); 191 sf.sf_siginfo.si_sc.sc_isp = regs->tf_isp; 192 193 /* Build the signal context to be used by osigreturn(). */ 194 sf.sf_siginfo.si_sc.sc_onstack = (oonstack) ? 1 : 0; 195 SIG2OSIG(*mask, sf.sf_siginfo.si_sc.sc_mask); 196 sf.sf_siginfo.si_sc.sc_sp = regs->tf_esp; 197 sf.sf_siginfo.si_sc.sc_fp = regs->tf_ebp; 198 sf.sf_siginfo.si_sc.sc_pc = regs->tf_eip; 199 sf.sf_siginfo.si_sc.sc_ps = regs->tf_eflags; 200 sf.sf_siginfo.si_sc.sc_trapno = regs->tf_trapno; 201 sf.sf_siginfo.si_sc.sc_err = regs->tf_err; 202 203 /* 204 * If we're a vm86 process, we want to save the segment registers. 205 * We also change eflags to be our emulated eflags, not the actual 206 * eflags. 207 */ 208 if (regs->tf_eflags & PSL_VM) { 209 /* XXX confusing names: `tf' isn't a trapframe; `regs' is. */ 210 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 211 struct vm86_kernel *vm86 = &td->td_pcb->pcb_ext->ext_vm86; 212 213 sf.sf_siginfo.si_sc.sc_gs = tf->tf_vm86_gs; 214 sf.sf_siginfo.si_sc.sc_fs = tf->tf_vm86_fs; 215 sf.sf_siginfo.si_sc.sc_es = tf->tf_vm86_es; 216 sf.sf_siginfo.si_sc.sc_ds = tf->tf_vm86_ds; 217 218 if (vm86->vm86_has_vme == 0) 219 sf.sf_siginfo.si_sc.sc_ps = 220 (tf->tf_eflags & ~(PSL_VIF | PSL_VIP)) | 221 (vm86->vm86_eflags & (PSL_VIF | PSL_VIP)); 222 223 /* See sendsig() for comments. */ 224 tf->tf_eflags &= ~(PSL_VM | PSL_NT | PSL_VIF | PSL_VIP); 225 } 226 227 /* 228 * Copy the sigframe out to the user's stack. 229 */ 230 if (copyout(&sf, fp, sizeof(*fp)) != 0) { 231 PROC_LOCK(p); 232 sigexit(td, SIGILL); 233 } 234 235 regs->tf_esp = (int)fp; 236 if (p->p_sysent->sv_sigcode_base != 0) { 237 regs->tf_eip = p->p_sysent->sv_sigcode_base + szsigcode - 238 szosigcode; 239 } else { 240 /* a.out sysentvec does not use shared page */ 241 regs->tf_eip = p->p_sysent->sv_psstrings - szosigcode; 242 } 243 regs->tf_eflags &= ~(PSL_T | PSL_D); 244 regs->tf_cs = _ucodesel; 245 regs->tf_ds = _udatasel; 246 regs->tf_es = _udatasel; 247 regs->tf_fs = _udatasel; 248 load_gs(_udatasel); 249 regs->tf_ss = _udatasel; 250 PROC_LOCK(p); 251 mtx_lock(&psp->ps_mtx); 252 } 253 #endif /* COMPAT_43 */ 254 255 #ifdef COMPAT_FREEBSD4 256 static void 257 freebsd4_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 258 { 259 struct sigframe4 sf, *sfp; 260 struct proc *p; 261 struct thread *td; 262 struct sigacts *psp; 263 struct trapframe *regs; 264 int sig; 265 int oonstack; 266 267 td = curthread; 268 p = td->td_proc; 269 PROC_LOCK_ASSERT(p, MA_OWNED); 270 sig = ksi->ksi_signo; 271 psp = p->p_sigacts; 272 mtx_assert(&psp->ps_mtx, MA_OWNED); 273 regs = td->td_frame; 274 oonstack = sigonstack(regs->tf_esp); 275 276 /* Save user context. */ 277 bzero(&sf, sizeof(sf)); 278 sf.sf_uc.uc_sigmask = *mask; 279 sf.sf_uc.uc_stack = td->td_sigstk; 280 sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) 281 ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE; 282 sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0; 283 sf.sf_uc.uc_mcontext.mc_gs = rgs(); 284 bcopy(regs, &sf.sf_uc.uc_mcontext.mc_fs, sizeof(*regs)); 285 bzero(sf.sf_uc.uc_mcontext.mc_fpregs, 286 sizeof(sf.sf_uc.uc_mcontext.mc_fpregs)); 287 bzero(sf.sf_uc.uc_mcontext.__spare__, 288 sizeof(sf.sf_uc.uc_mcontext.__spare__)); 289 bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__)); 290 291 /* Allocate space for the signal handler context. */ 292 if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && 293 SIGISMEMBER(psp->ps_sigonstack, sig)) { 294 sfp = (struct sigframe4 *)((uintptr_t)td->td_sigstk.ss_sp + 295 td->td_sigstk.ss_size - sizeof(struct sigframe4)); 296 #if defined(COMPAT_43) 297 td->td_sigstk.ss_flags |= SS_ONSTACK; 298 #endif 299 } else 300 sfp = (struct sigframe4 *)regs->tf_esp - 1; 301 302 /* Build the argument list for the signal handler. */ 303 sf.sf_signum = sig; 304 sf.sf_ucontext = (register_t)&sfp->sf_uc; 305 bzero(&sf.sf_si, sizeof(sf.sf_si)); 306 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 307 /* Signal handler installed with SA_SIGINFO. */ 308 sf.sf_siginfo = (register_t)&sfp->sf_si; 309 sf.sf_ahu.sf_action = (__siginfohandler_t *)catcher; 310 311 /* Fill in POSIX parts */ 312 sf.sf_si.si_signo = sig; 313 sf.sf_si.si_code = ksi->ksi_code; 314 sf.sf_si.si_addr = ksi->ksi_addr; 315 } else { 316 /* Old FreeBSD-style arguments. */ 317 sf.sf_siginfo = ksi->ksi_code; 318 sf.sf_addr = (register_t)ksi->ksi_addr; 319 sf.sf_ahu.sf_handler = catcher; 320 } 321 mtx_unlock(&psp->ps_mtx); 322 PROC_UNLOCK(p); 323 324 /* 325 * If we're a vm86 process, we want to save the segment registers. 326 * We also change eflags to be our emulated eflags, not the actual 327 * eflags. 328 */ 329 if (regs->tf_eflags & PSL_VM) { 330 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 331 struct vm86_kernel *vm86 = &td->td_pcb->pcb_ext->ext_vm86; 332 333 sf.sf_uc.uc_mcontext.mc_gs = tf->tf_vm86_gs; 334 sf.sf_uc.uc_mcontext.mc_fs = tf->tf_vm86_fs; 335 sf.sf_uc.uc_mcontext.mc_es = tf->tf_vm86_es; 336 sf.sf_uc.uc_mcontext.mc_ds = tf->tf_vm86_ds; 337 338 if (vm86->vm86_has_vme == 0) 339 sf.sf_uc.uc_mcontext.mc_eflags = 340 (tf->tf_eflags & ~(PSL_VIF | PSL_VIP)) | 341 (vm86->vm86_eflags & (PSL_VIF | PSL_VIP)); 342 343 /* 344 * Clear PSL_NT to inhibit T_TSSFLT faults on return from 345 * syscalls made by the signal handler. This just avoids 346 * wasting time for our lazy fixup of such faults. PSL_NT 347 * does nothing in vm86 mode, but vm86 programs can set it 348 * almost legitimately in probes for old cpu types. 349 */ 350 tf->tf_eflags &= ~(PSL_VM | PSL_NT | PSL_VIF | PSL_VIP); 351 } 352 353 /* 354 * Copy the sigframe out to the user's stack. 355 */ 356 if (copyout(&sf, sfp, sizeof(*sfp)) != 0) { 357 PROC_LOCK(p); 358 sigexit(td, SIGILL); 359 } 360 361 regs->tf_esp = (int)sfp; 362 regs->tf_eip = p->p_sysent->sv_sigcode_base + szsigcode - 363 szfreebsd4_sigcode; 364 regs->tf_eflags &= ~(PSL_T | PSL_D); 365 regs->tf_cs = _ucodesel; 366 regs->tf_ds = _udatasel; 367 regs->tf_es = _udatasel; 368 regs->tf_fs = _udatasel; 369 regs->tf_ss = _udatasel; 370 PROC_LOCK(p); 371 mtx_lock(&psp->ps_mtx); 372 } 373 #endif /* COMPAT_FREEBSD4 */ 374 375 void 376 sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 377 { 378 struct sigframe sf, *sfp; 379 struct proc *p; 380 struct thread *td; 381 struct sigacts *psp; 382 char *sp; 383 struct trapframe *regs; 384 struct segment_descriptor *sdp; 385 char *xfpusave; 386 size_t xfpusave_len; 387 int sig; 388 int oonstack; 389 390 td = curthread; 391 p = td->td_proc; 392 PROC_LOCK_ASSERT(p, MA_OWNED); 393 sig = ksi->ksi_signo; 394 psp = p->p_sigacts; 395 mtx_assert(&psp->ps_mtx, MA_OWNED); 396 #ifdef COMPAT_FREEBSD4 397 if (SIGISMEMBER(psp->ps_freebsd4, sig)) { 398 freebsd4_sendsig(catcher, ksi, mask); 399 return; 400 } 401 #endif 402 #ifdef COMPAT_43 403 if (SIGISMEMBER(psp->ps_osigset, sig)) { 404 osendsig(catcher, ksi, mask); 405 return; 406 } 407 #endif 408 regs = td->td_frame; 409 oonstack = sigonstack(regs->tf_esp); 410 411 if (cpu_max_ext_state_size > sizeof(union savefpu) && use_xsave) { 412 xfpusave_len = cpu_max_ext_state_size - sizeof(union savefpu); 413 xfpusave = __builtin_alloca(xfpusave_len); 414 } else { 415 xfpusave_len = 0; 416 xfpusave = NULL; 417 } 418 419 /* Save user context. */ 420 bzero(&sf, sizeof(sf)); 421 sf.sf_uc.uc_sigmask = *mask; 422 sf.sf_uc.uc_stack = td->td_sigstk; 423 sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) 424 ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE; 425 sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0; 426 sf.sf_uc.uc_mcontext.mc_gs = rgs(); 427 bcopy(regs, &sf.sf_uc.uc_mcontext.mc_fs, sizeof(*regs)); 428 sf.sf_uc.uc_mcontext.mc_len = sizeof(sf.sf_uc.uc_mcontext); /* magic */ 429 get_fpcontext(td, &sf.sf_uc.uc_mcontext, xfpusave, xfpusave_len); 430 fpstate_drop(td); 431 /* 432 * Unconditionally fill the fsbase and gsbase into the mcontext. 433 */ 434 sdp = &td->td_pcb->pcb_fsd; 435 sf.sf_uc.uc_mcontext.mc_fsbase = sdp->sd_hibase << 24 | 436 sdp->sd_lobase; 437 sdp = &td->td_pcb->pcb_gsd; 438 sf.sf_uc.uc_mcontext.mc_gsbase = sdp->sd_hibase << 24 | 439 sdp->sd_lobase; 440 bzero(sf.sf_uc.uc_mcontext.mc_spare2, 441 sizeof(sf.sf_uc.uc_mcontext.mc_spare2)); 442 443 /* Allocate space for the signal handler context. */ 444 if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && 445 SIGISMEMBER(psp->ps_sigonstack, sig)) { 446 sp = (char *)td->td_sigstk.ss_sp + td->td_sigstk.ss_size; 447 #if defined(COMPAT_43) 448 td->td_sigstk.ss_flags |= SS_ONSTACK; 449 #endif 450 } else 451 sp = (char *)regs->tf_esp - 128; 452 if (xfpusave != NULL) { 453 sp -= xfpusave_len; 454 sp = (char *)((unsigned int)sp & ~0x3F); 455 sf.sf_uc.uc_mcontext.mc_xfpustate = (register_t)sp; 456 } 457 sp -= sizeof(struct sigframe); 458 459 /* Align to 16 bytes. */ 460 sfp = (struct sigframe *)((unsigned int)sp & ~0xF); 461 462 /* Build the argument list for the signal handler. */ 463 sf.sf_signum = sig; 464 sf.sf_ucontext = (register_t)&sfp->sf_uc; 465 bzero(&sf.sf_si, sizeof(sf.sf_si)); 466 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 467 /* Signal handler installed with SA_SIGINFO. */ 468 sf.sf_siginfo = (register_t)&sfp->sf_si; 469 sf.sf_ahu.sf_action = (__siginfohandler_t *)catcher; 470 471 /* Fill in POSIX parts */ 472 sf.sf_si = ksi->ksi_info; 473 sf.sf_si.si_signo = sig; /* maybe a translated signal */ 474 } else { 475 /* Old FreeBSD-style arguments. */ 476 sf.sf_siginfo = ksi->ksi_code; 477 sf.sf_addr = (register_t)ksi->ksi_addr; 478 sf.sf_ahu.sf_handler = catcher; 479 } 480 mtx_unlock(&psp->ps_mtx); 481 PROC_UNLOCK(p); 482 483 /* 484 * If we're a vm86 process, we want to save the segment registers. 485 * We also change eflags to be our emulated eflags, not the actual 486 * eflags. 487 */ 488 if (regs->tf_eflags & PSL_VM) { 489 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 490 struct vm86_kernel *vm86 = &td->td_pcb->pcb_ext->ext_vm86; 491 492 sf.sf_uc.uc_mcontext.mc_gs = tf->tf_vm86_gs; 493 sf.sf_uc.uc_mcontext.mc_fs = tf->tf_vm86_fs; 494 sf.sf_uc.uc_mcontext.mc_es = tf->tf_vm86_es; 495 sf.sf_uc.uc_mcontext.mc_ds = tf->tf_vm86_ds; 496 497 if (vm86->vm86_has_vme == 0) 498 sf.sf_uc.uc_mcontext.mc_eflags = 499 (tf->tf_eflags & ~(PSL_VIF | PSL_VIP)) | 500 (vm86->vm86_eflags & (PSL_VIF | PSL_VIP)); 501 502 /* 503 * Clear PSL_NT to inhibit T_TSSFLT faults on return from 504 * syscalls made by the signal handler. This just avoids 505 * wasting time for our lazy fixup of such faults. PSL_NT 506 * does nothing in vm86 mode, but vm86 programs can set it 507 * almost legitimately in probes for old cpu types. 508 */ 509 tf->tf_eflags &= ~(PSL_VM | PSL_NT | PSL_VIF | PSL_VIP); 510 } 511 512 /* 513 * Copy the sigframe out to the user's stack. 514 */ 515 if (copyout(&sf, sfp, sizeof(*sfp)) != 0 || 516 (xfpusave != NULL && copyout(xfpusave, 517 (void *)sf.sf_uc.uc_mcontext.mc_xfpustate, xfpusave_len) 518 != 0)) { 519 PROC_LOCK(p); 520 sigexit(td, SIGILL); 521 } 522 523 regs->tf_esp = (int)sfp; 524 regs->tf_eip = p->p_sysent->sv_sigcode_base; 525 if (regs->tf_eip == 0) 526 regs->tf_eip = p->p_sysent->sv_psstrings - szsigcode; 527 regs->tf_eflags &= ~(PSL_T | PSL_D); 528 regs->tf_cs = _ucodesel; 529 regs->tf_ds = _udatasel; 530 regs->tf_es = _udatasel; 531 regs->tf_fs = _udatasel; 532 regs->tf_ss = _udatasel; 533 PROC_LOCK(p); 534 mtx_lock(&psp->ps_mtx); 535 } 536 537 /* 538 * System call to cleanup state after a signal has been taken. Reset 539 * signal mask and stack state from context left by sendsig (above). 540 * Return to previous pc and psl as specified by context left by 541 * sendsig. Check carefully to make sure that the user has not 542 * modified the state to gain improper privileges. 543 */ 544 #ifdef COMPAT_43 545 int 546 osigreturn(struct thread *td, struct osigreturn_args *uap) 547 { 548 struct osigcontext sc; 549 struct trapframe *regs; 550 struct osigcontext *scp; 551 int eflags, error; 552 ksiginfo_t ksi; 553 554 regs = td->td_frame; 555 error = copyin(uap->sigcntxp, &sc, sizeof(sc)); 556 if (error != 0) 557 return (error); 558 scp = ≻ 559 eflags = scp->sc_ps; 560 if (eflags & PSL_VM) { 561 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 562 struct vm86_kernel *vm86; 563 564 /* 565 * if pcb_ext == 0 or vm86_inited == 0, the user hasn't 566 * set up the vm86 area, and we can't enter vm86 mode. 567 */ 568 if (td->td_pcb->pcb_ext == 0) 569 return (EINVAL); 570 vm86 = &td->td_pcb->pcb_ext->ext_vm86; 571 if (vm86->vm86_inited == 0) 572 return (EINVAL); 573 574 /* Go back to user mode if both flags are set. */ 575 if ((eflags & PSL_VIP) && (eflags & PSL_VIF)) { 576 ksiginfo_init_trap(&ksi); 577 ksi.ksi_signo = SIGBUS; 578 ksi.ksi_code = BUS_OBJERR; 579 ksi.ksi_addr = (void *)regs->tf_eip; 580 trapsignal(td, &ksi); 581 } 582 583 if (vm86->vm86_has_vme) { 584 eflags = (tf->tf_eflags & ~VME_USERCHANGE) | 585 (eflags & VME_USERCHANGE) | PSL_VM; 586 } else { 587 vm86->vm86_eflags = eflags; /* save VIF, VIP */ 588 eflags = (tf->tf_eflags & ~VM_USERCHANGE) | 589 (eflags & VM_USERCHANGE) | PSL_VM; 590 } 591 tf->tf_vm86_ds = scp->sc_ds; 592 tf->tf_vm86_es = scp->sc_es; 593 tf->tf_vm86_fs = scp->sc_fs; 594 tf->tf_vm86_gs = scp->sc_gs; 595 tf->tf_ds = _udatasel; 596 tf->tf_es = _udatasel; 597 tf->tf_fs = _udatasel; 598 } else { 599 /* 600 * Don't allow users to change privileged or reserved flags. 601 */ 602 if (!EFL_SECURE(eflags, regs->tf_eflags)) { 603 return (EINVAL); 604 } 605 606 /* 607 * Don't allow users to load a valid privileged %cs. Let the 608 * hardware check for invalid selectors, excess privilege in 609 * other selectors, invalid %eip's and invalid %esp's. 610 */ 611 if (!CS_SECURE(scp->sc_cs)) { 612 ksiginfo_init_trap(&ksi); 613 ksi.ksi_signo = SIGBUS; 614 ksi.ksi_code = BUS_OBJERR; 615 ksi.ksi_trapno = T_PROTFLT; 616 ksi.ksi_addr = (void *)regs->tf_eip; 617 trapsignal(td, &ksi); 618 return (EINVAL); 619 } 620 regs->tf_ds = scp->sc_ds; 621 regs->tf_es = scp->sc_es; 622 regs->tf_fs = scp->sc_fs; 623 } 624 625 /* Restore remaining registers. */ 626 regs->tf_eax = scp->sc_eax; 627 regs->tf_ebx = scp->sc_ebx; 628 regs->tf_ecx = scp->sc_ecx; 629 regs->tf_edx = scp->sc_edx; 630 regs->tf_esi = scp->sc_esi; 631 regs->tf_edi = scp->sc_edi; 632 regs->tf_cs = scp->sc_cs; 633 regs->tf_ss = scp->sc_ss; 634 regs->tf_isp = scp->sc_isp; 635 regs->tf_ebp = scp->sc_fp; 636 regs->tf_esp = scp->sc_sp; 637 regs->tf_eip = scp->sc_pc; 638 regs->tf_eflags = eflags; 639 640 #if defined(COMPAT_43) 641 if (scp->sc_onstack & 1) 642 td->td_sigstk.ss_flags |= SS_ONSTACK; 643 else 644 td->td_sigstk.ss_flags &= ~SS_ONSTACK; 645 #endif 646 kern_sigprocmask(td, SIG_SETMASK, (sigset_t *)&scp->sc_mask, NULL, 647 SIGPROCMASK_OLD); 648 return (EJUSTRETURN); 649 } 650 #endif /* COMPAT_43 */ 651 652 #ifdef COMPAT_FREEBSD4 653 int 654 freebsd4_sigreturn(struct thread *td, struct freebsd4_sigreturn_args *uap) 655 { 656 struct freebsd4_ucontext uc; 657 struct trapframe *regs; 658 struct freebsd4_ucontext *ucp; 659 int cs, eflags, error; 660 ksiginfo_t ksi; 661 662 error = copyin(uap->sigcntxp, &uc, sizeof(uc)); 663 if (error != 0) 664 return (error); 665 ucp = &uc; 666 regs = td->td_frame; 667 eflags = ucp->uc_mcontext.mc_eflags; 668 if (eflags & PSL_VM) { 669 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 670 struct vm86_kernel *vm86; 671 672 /* 673 * if pcb_ext == 0 or vm86_inited == 0, the user hasn't 674 * set up the vm86 area, and we can't enter vm86 mode. 675 */ 676 if (td->td_pcb->pcb_ext == 0) 677 return (EINVAL); 678 vm86 = &td->td_pcb->pcb_ext->ext_vm86; 679 if (vm86->vm86_inited == 0) 680 return (EINVAL); 681 682 /* Go back to user mode if both flags are set. */ 683 if ((eflags & PSL_VIP) && (eflags & PSL_VIF)) { 684 ksiginfo_init_trap(&ksi); 685 ksi.ksi_signo = SIGBUS; 686 ksi.ksi_code = BUS_OBJERR; 687 ksi.ksi_addr = (void *)regs->tf_eip; 688 trapsignal(td, &ksi); 689 } 690 if (vm86->vm86_has_vme) { 691 eflags = (tf->tf_eflags & ~VME_USERCHANGE) | 692 (eflags & VME_USERCHANGE) | PSL_VM; 693 } else { 694 vm86->vm86_eflags = eflags; /* save VIF, VIP */ 695 eflags = (tf->tf_eflags & ~VM_USERCHANGE) | 696 (eflags & VM_USERCHANGE) | PSL_VM; 697 } 698 bcopy(&ucp->uc_mcontext.mc_fs, tf, sizeof(struct trapframe)); 699 tf->tf_eflags = eflags; 700 tf->tf_vm86_ds = tf->tf_ds; 701 tf->tf_vm86_es = tf->tf_es; 702 tf->tf_vm86_fs = tf->tf_fs; 703 tf->tf_vm86_gs = ucp->uc_mcontext.mc_gs; 704 tf->tf_ds = _udatasel; 705 tf->tf_es = _udatasel; 706 tf->tf_fs = _udatasel; 707 } else { 708 /* 709 * Don't allow users to change privileged or reserved flags. 710 */ 711 if (!EFL_SECURE(eflags, regs->tf_eflags)) { 712 uprintf( 713 "pid %d (%s): freebsd4_sigreturn eflags = 0x%x\n", 714 td->td_proc->p_pid, td->td_name, eflags); 715 return (EINVAL); 716 } 717 718 /* 719 * Don't allow users to load a valid privileged %cs. Let the 720 * hardware check for invalid selectors, excess privilege in 721 * other selectors, invalid %eip's and invalid %esp's. 722 */ 723 cs = ucp->uc_mcontext.mc_cs; 724 if (!CS_SECURE(cs)) { 725 uprintf("pid %d (%s): freebsd4_sigreturn cs = 0x%x\n", 726 td->td_proc->p_pid, td->td_name, cs); 727 ksiginfo_init_trap(&ksi); 728 ksi.ksi_signo = SIGBUS; 729 ksi.ksi_code = BUS_OBJERR; 730 ksi.ksi_trapno = T_PROTFLT; 731 ksi.ksi_addr = (void *)regs->tf_eip; 732 trapsignal(td, &ksi); 733 return (EINVAL); 734 } 735 736 bcopy(&ucp->uc_mcontext.mc_fs, regs, sizeof(*regs)); 737 } 738 739 #if defined(COMPAT_43) 740 if (ucp->uc_mcontext.mc_onstack & 1) 741 td->td_sigstk.ss_flags |= SS_ONSTACK; 742 else 743 td->td_sigstk.ss_flags &= ~SS_ONSTACK; 744 #endif 745 kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0); 746 return (EJUSTRETURN); 747 } 748 #endif /* COMPAT_FREEBSD4 */ 749 750 int 751 sys_sigreturn(struct thread *td, struct sigreturn_args *uap) 752 { 753 ucontext_t uc; 754 struct proc *p; 755 struct trapframe *regs; 756 ucontext_t *ucp; 757 char *xfpustate; 758 size_t xfpustate_len; 759 int cs, eflags, error, ret; 760 ksiginfo_t ksi; 761 762 p = td->td_proc; 763 764 error = copyin(uap->sigcntxp, &uc, sizeof(uc)); 765 if (error != 0) 766 return (error); 767 ucp = &uc; 768 if ((ucp->uc_mcontext.mc_flags & ~_MC_FLAG_MASK) != 0) { 769 uprintf("pid %d (%s): sigreturn mc_flags %x\n", p->p_pid, 770 td->td_name, ucp->uc_mcontext.mc_flags); 771 return (EINVAL); 772 } 773 regs = td->td_frame; 774 eflags = ucp->uc_mcontext.mc_eflags; 775 if (eflags & PSL_VM) { 776 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 777 struct vm86_kernel *vm86; 778 779 /* 780 * if pcb_ext == 0 or vm86_inited == 0, the user hasn't 781 * set up the vm86 area, and we can't enter vm86 mode. 782 */ 783 if (td->td_pcb->pcb_ext == 0) 784 return (EINVAL); 785 vm86 = &td->td_pcb->pcb_ext->ext_vm86; 786 if (vm86->vm86_inited == 0) 787 return (EINVAL); 788 789 /* Go back to user mode if both flags are set. */ 790 if ((eflags & PSL_VIP) && (eflags & PSL_VIF)) { 791 ksiginfo_init_trap(&ksi); 792 ksi.ksi_signo = SIGBUS; 793 ksi.ksi_code = BUS_OBJERR; 794 ksi.ksi_addr = (void *)regs->tf_eip; 795 trapsignal(td, &ksi); 796 } 797 798 if (vm86->vm86_has_vme) { 799 eflags = (tf->tf_eflags & ~VME_USERCHANGE) | 800 (eflags & VME_USERCHANGE) | PSL_VM; 801 } else { 802 vm86->vm86_eflags = eflags; /* save VIF, VIP */ 803 eflags = (tf->tf_eflags & ~VM_USERCHANGE) | 804 (eflags & VM_USERCHANGE) | PSL_VM; 805 } 806 bcopy(&ucp->uc_mcontext.mc_fs, tf, sizeof(struct trapframe)); 807 tf->tf_eflags = eflags; 808 tf->tf_vm86_ds = tf->tf_ds; 809 tf->tf_vm86_es = tf->tf_es; 810 tf->tf_vm86_fs = tf->tf_fs; 811 tf->tf_vm86_gs = ucp->uc_mcontext.mc_gs; 812 tf->tf_ds = _udatasel; 813 tf->tf_es = _udatasel; 814 tf->tf_fs = _udatasel; 815 } else { 816 /* 817 * Don't allow users to change privileged or reserved flags. 818 */ 819 if (!EFL_SECURE(eflags, regs->tf_eflags)) { 820 uprintf("pid %d (%s): sigreturn eflags = 0x%x\n", 821 td->td_proc->p_pid, td->td_name, eflags); 822 return (EINVAL); 823 } 824 825 /* 826 * Don't allow users to load a valid privileged %cs. Let the 827 * hardware check for invalid selectors, excess privilege in 828 * other selectors, invalid %eip's and invalid %esp's. 829 */ 830 cs = ucp->uc_mcontext.mc_cs; 831 if (!CS_SECURE(cs)) { 832 uprintf("pid %d (%s): sigreturn cs = 0x%x\n", 833 td->td_proc->p_pid, td->td_name, cs); 834 ksiginfo_init_trap(&ksi); 835 ksi.ksi_signo = SIGBUS; 836 ksi.ksi_code = BUS_OBJERR; 837 ksi.ksi_trapno = T_PROTFLT; 838 ksi.ksi_addr = (void *)regs->tf_eip; 839 trapsignal(td, &ksi); 840 return (EINVAL); 841 } 842 843 if ((uc.uc_mcontext.mc_flags & _MC_HASFPXSTATE) != 0) { 844 xfpustate_len = uc.uc_mcontext.mc_xfpustate_len; 845 if (xfpustate_len > cpu_max_ext_state_size - 846 sizeof(union savefpu)) { 847 uprintf( 848 "pid %d (%s): sigreturn xfpusave_len = 0x%zx\n", 849 p->p_pid, td->td_name, xfpustate_len); 850 return (EINVAL); 851 } 852 xfpustate = __builtin_alloca(xfpustate_len); 853 error = copyin( 854 (const void *)uc.uc_mcontext.mc_xfpustate, 855 xfpustate, xfpustate_len); 856 if (error != 0) { 857 uprintf( 858 "pid %d (%s): sigreturn copying xfpustate failed\n", 859 p->p_pid, td->td_name); 860 return (error); 861 } 862 } else { 863 xfpustate = NULL; 864 xfpustate_len = 0; 865 } 866 ret = set_fpcontext(td, &ucp->uc_mcontext, xfpustate, 867 xfpustate_len); 868 if (ret != 0) 869 return (ret); 870 bcopy(&ucp->uc_mcontext.mc_fs, regs, sizeof(*regs)); 871 } 872 873 #if defined(COMPAT_43) 874 if (ucp->uc_mcontext.mc_onstack & 1) 875 td->td_sigstk.ss_flags |= SS_ONSTACK; 876 else 877 td->td_sigstk.ss_flags &= ~SS_ONSTACK; 878 #endif 879 880 kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0); 881 return (EJUSTRETURN); 882 } 883 884 /* 885 * Reset the hardware debug registers if they were in use. 886 * They won't have any meaning for the newly exec'd process. 887 */ 888 void 889 x86_clear_dbregs(struct pcb *pcb) 890 { 891 if ((pcb->pcb_flags & PCB_DBREGS) == 0) 892 return; 893 894 pcb->pcb_dr0 = 0; 895 pcb->pcb_dr1 = 0; 896 pcb->pcb_dr2 = 0; 897 pcb->pcb_dr3 = 0; 898 pcb->pcb_dr6 = 0; 899 pcb->pcb_dr7 = 0; 900 901 if (pcb == curpcb) { 902 /* 903 * Clear the debug registers on the running CPU, 904 * otherwise they will end up affecting the next 905 * process we switch to. 906 */ 907 reset_dbregs(); 908 } 909 pcb->pcb_flags &= ~PCB_DBREGS; 910 } 911 912 #ifdef COMPAT_43 913 static void 914 setup_priv_lcall_gate(struct proc *p) 915 { 916 struct i386_ldt_args uap; 917 union descriptor desc; 918 u_int lcall_addr; 919 920 bzero(&uap, sizeof(uap)); 921 uap.start = 0; 922 uap.num = 1; 923 lcall_addr = p->p_sysent->sv_psstrings - sz_lcall_tramp; 924 bzero(&desc, sizeof(desc)); 925 desc.sd.sd_type = SDT_MEMERA; 926 desc.sd.sd_dpl = SEL_UPL; 927 desc.sd.sd_p = 1; 928 desc.sd.sd_def32 = 1; 929 desc.sd.sd_gran = 1; 930 desc.sd.sd_lolimit = 0xffff; 931 desc.sd.sd_hilimit = 0xf; 932 desc.sd.sd_lobase = lcall_addr; 933 desc.sd.sd_hibase = lcall_addr >> 24; 934 i386_set_ldt(curthread, &uap, &desc); 935 } 936 #endif 937 938 /* 939 * Reset registers to default values on exec. 940 */ 941 void 942 exec_setregs(struct thread *td, struct image_params *imgp, uintptr_t stack) 943 { 944 struct trapframe *regs; 945 struct pcb *pcb; 946 register_t saved_eflags; 947 948 regs = td->td_frame; 949 pcb = td->td_pcb; 950 951 /* Reset pc->pcb_gs and %gs before possibly invalidating it. */ 952 pcb->pcb_gs = _udatasel; 953 load_gs(_udatasel); 954 955 mtx_lock_spin(&dt_lock); 956 if (td->td_proc->p_md.md_ldt != NULL) 957 user_ldt_free(td); 958 else 959 mtx_unlock_spin(&dt_lock); 960 961 #ifdef COMPAT_43 962 if (td->td_proc->p_sysent->sv_psstrings != 963 elf32_freebsd_sysvec.sv_psstrings) 964 setup_priv_lcall_gate(td->td_proc); 965 #endif 966 967 /* 968 * Reset the fs and gs bases. The values from the old address 969 * space do not make sense for the new program. In particular, 970 * gsbase might be the TLS base for the old program but the new 971 * program has no TLS now. 972 */ 973 set_fsbase(td, 0); 974 set_gsbase(td, 0); 975 976 /* Make sure edx is 0x0 on entry. Linux binaries depend on it. */ 977 saved_eflags = regs->tf_eflags & PSL_T; 978 bzero((char *)regs, sizeof(struct trapframe)); 979 regs->tf_eip = imgp->entry_addr; 980 regs->tf_esp = stack; 981 regs->tf_eflags = PSL_USER | saved_eflags; 982 regs->tf_ss = _udatasel; 983 regs->tf_ds = _udatasel; 984 regs->tf_es = _udatasel; 985 regs->tf_fs = _udatasel; 986 regs->tf_cs = _ucodesel; 987 988 /* PS_STRINGS value for BSD/OS binaries. It is 0 for non-BSD/OS. */ 989 regs->tf_ebx = (register_t)imgp->ps_strings; 990 991 x86_clear_dbregs(pcb); 992 993 pcb->pcb_initial_npxcw = __INITIAL_NPXCW__; 994 995 /* 996 * Drop the FP state if we hold it, so that the process gets a 997 * clean FP state if it uses the FPU again. 998 */ 999 fpstate_drop(td); 1000 } 1001 1002 int 1003 fill_regs(struct thread *td, struct reg *regs) 1004 { 1005 struct pcb *pcb; 1006 struct trapframe *tp; 1007 1008 tp = td->td_frame; 1009 pcb = td->td_pcb; 1010 regs->r_gs = pcb->pcb_gs; 1011 return (fill_frame_regs(tp, regs)); 1012 } 1013 1014 int 1015 fill_frame_regs(struct trapframe *tp, struct reg *regs) 1016 { 1017 1018 regs->r_fs = tp->tf_fs; 1019 regs->r_es = tp->tf_es; 1020 regs->r_ds = tp->tf_ds; 1021 regs->r_edi = tp->tf_edi; 1022 regs->r_esi = tp->tf_esi; 1023 regs->r_ebp = tp->tf_ebp; 1024 regs->r_ebx = tp->tf_ebx; 1025 regs->r_edx = tp->tf_edx; 1026 regs->r_ecx = tp->tf_ecx; 1027 regs->r_eax = tp->tf_eax; 1028 regs->r_eip = tp->tf_eip; 1029 regs->r_cs = tp->tf_cs; 1030 regs->r_eflags = tp->tf_eflags; 1031 regs->r_esp = tp->tf_esp; 1032 regs->r_ss = tp->tf_ss; 1033 regs->r_err = 0; 1034 regs->r_trapno = 0; 1035 return (0); 1036 } 1037 1038 int 1039 set_regs(struct thread *td, struct reg *regs) 1040 { 1041 struct pcb *pcb; 1042 struct trapframe *tp; 1043 1044 tp = td->td_frame; 1045 if (!EFL_SECURE(regs->r_eflags, tp->tf_eflags) || 1046 !CS_SECURE(regs->r_cs)) 1047 return (EINVAL); 1048 pcb = td->td_pcb; 1049 tp->tf_fs = regs->r_fs; 1050 tp->tf_es = regs->r_es; 1051 tp->tf_ds = regs->r_ds; 1052 tp->tf_edi = regs->r_edi; 1053 tp->tf_esi = regs->r_esi; 1054 tp->tf_ebp = regs->r_ebp; 1055 tp->tf_ebx = regs->r_ebx; 1056 tp->tf_edx = regs->r_edx; 1057 tp->tf_ecx = regs->r_ecx; 1058 tp->tf_eax = regs->r_eax; 1059 tp->tf_eip = regs->r_eip; 1060 tp->tf_cs = regs->r_cs; 1061 tp->tf_eflags = regs->r_eflags; 1062 tp->tf_esp = regs->r_esp; 1063 tp->tf_ss = regs->r_ss; 1064 pcb->pcb_gs = regs->r_gs; 1065 return (0); 1066 } 1067 1068 int 1069 fill_fpregs(struct thread *td, struct fpreg *fpregs) 1070 { 1071 1072 KASSERT(td == curthread || TD_IS_SUSPENDED(td) || 1073 P_SHOULDSTOP(td->td_proc), 1074 ("not suspended thread %p", td)); 1075 npxgetregs(td); 1076 if (cpu_fxsr) 1077 npx_fill_fpregs_xmm(&get_pcb_user_save_td(td)->sv_xmm, 1078 (struct save87 *)fpregs); 1079 else 1080 bcopy(&get_pcb_user_save_td(td)->sv_87, fpregs, 1081 sizeof(*fpregs)); 1082 return (0); 1083 } 1084 1085 int 1086 set_fpregs(struct thread *td, struct fpreg *fpregs) 1087 { 1088 1089 critical_enter(); 1090 if (cpu_fxsr) 1091 npx_set_fpregs_xmm((struct save87 *)fpregs, 1092 &get_pcb_user_save_td(td)->sv_xmm); 1093 else 1094 bcopy(fpregs, &get_pcb_user_save_td(td)->sv_87, 1095 sizeof(*fpregs)); 1096 npxuserinited(td); 1097 critical_exit(); 1098 return (0); 1099 } 1100 1101 /* 1102 * Get machine context. 1103 */ 1104 int 1105 get_mcontext(struct thread *td, mcontext_t *mcp, int flags) 1106 { 1107 struct trapframe *tp; 1108 struct segment_descriptor *sdp; 1109 1110 tp = td->td_frame; 1111 1112 PROC_LOCK(curthread->td_proc); 1113 mcp->mc_onstack = sigonstack(tp->tf_esp); 1114 PROC_UNLOCK(curthread->td_proc); 1115 mcp->mc_gs = td->td_pcb->pcb_gs; 1116 mcp->mc_fs = tp->tf_fs; 1117 mcp->mc_es = tp->tf_es; 1118 mcp->mc_ds = tp->tf_ds; 1119 mcp->mc_edi = tp->tf_edi; 1120 mcp->mc_esi = tp->tf_esi; 1121 mcp->mc_ebp = tp->tf_ebp; 1122 mcp->mc_isp = tp->tf_isp; 1123 mcp->mc_eflags = tp->tf_eflags; 1124 if (flags & GET_MC_CLEAR_RET) { 1125 mcp->mc_eax = 0; 1126 mcp->mc_edx = 0; 1127 mcp->mc_eflags &= ~PSL_C; 1128 } else { 1129 mcp->mc_eax = tp->tf_eax; 1130 mcp->mc_edx = tp->tf_edx; 1131 } 1132 mcp->mc_ebx = tp->tf_ebx; 1133 mcp->mc_ecx = tp->tf_ecx; 1134 mcp->mc_eip = tp->tf_eip; 1135 mcp->mc_cs = tp->tf_cs; 1136 mcp->mc_esp = tp->tf_esp; 1137 mcp->mc_ss = tp->tf_ss; 1138 mcp->mc_len = sizeof(*mcp); 1139 get_fpcontext(td, mcp, NULL, 0); 1140 sdp = &td->td_pcb->pcb_fsd; 1141 mcp->mc_fsbase = sdp->sd_hibase << 24 | sdp->sd_lobase; 1142 sdp = &td->td_pcb->pcb_gsd; 1143 mcp->mc_gsbase = sdp->sd_hibase << 24 | sdp->sd_lobase; 1144 mcp->mc_flags = 0; 1145 mcp->mc_xfpustate = 0; 1146 mcp->mc_xfpustate_len = 0; 1147 bzero(mcp->mc_spare2, sizeof(mcp->mc_spare2)); 1148 return (0); 1149 } 1150 1151 /* 1152 * Set machine context. 1153 * 1154 * However, we don't set any but the user modifiable flags, and we won't 1155 * touch the cs selector. 1156 */ 1157 int 1158 set_mcontext(struct thread *td, mcontext_t *mcp) 1159 { 1160 struct trapframe *tp; 1161 char *xfpustate; 1162 int eflags, ret; 1163 1164 tp = td->td_frame; 1165 if (mcp->mc_len != sizeof(*mcp) || 1166 (mcp->mc_flags & ~_MC_FLAG_MASK) != 0) 1167 return (EINVAL); 1168 eflags = (mcp->mc_eflags & PSL_USERCHANGE) | 1169 (tp->tf_eflags & ~PSL_USERCHANGE); 1170 if (mcp->mc_flags & _MC_HASFPXSTATE) { 1171 if (mcp->mc_xfpustate_len > cpu_max_ext_state_size - 1172 sizeof(union savefpu)) 1173 return (EINVAL); 1174 xfpustate = __builtin_alloca(mcp->mc_xfpustate_len); 1175 ret = copyin((void *)mcp->mc_xfpustate, xfpustate, 1176 mcp->mc_xfpustate_len); 1177 if (ret != 0) 1178 return (ret); 1179 } else 1180 xfpustate = NULL; 1181 ret = set_fpcontext(td, mcp, xfpustate, mcp->mc_xfpustate_len); 1182 if (ret != 0) 1183 return (ret); 1184 tp->tf_fs = mcp->mc_fs; 1185 tp->tf_es = mcp->mc_es; 1186 tp->tf_ds = mcp->mc_ds; 1187 tp->tf_edi = mcp->mc_edi; 1188 tp->tf_esi = mcp->mc_esi; 1189 tp->tf_ebp = mcp->mc_ebp; 1190 tp->tf_ebx = mcp->mc_ebx; 1191 tp->tf_edx = mcp->mc_edx; 1192 tp->tf_ecx = mcp->mc_ecx; 1193 tp->tf_eax = mcp->mc_eax; 1194 tp->tf_eip = mcp->mc_eip; 1195 tp->tf_eflags = eflags; 1196 tp->tf_esp = mcp->mc_esp; 1197 tp->tf_ss = mcp->mc_ss; 1198 td->td_pcb->pcb_gs = mcp->mc_gs; 1199 return (0); 1200 } 1201 1202 static void 1203 get_fpcontext(struct thread *td, mcontext_t *mcp, char *xfpusave, 1204 size_t xfpusave_len) 1205 { 1206 size_t max_len, len; 1207 1208 mcp->mc_ownedfp = npxgetregs(td); 1209 bcopy(get_pcb_user_save_td(td), &mcp->mc_fpstate[0], 1210 sizeof(mcp->mc_fpstate)); 1211 mcp->mc_fpformat = npxformat(); 1212 if (!use_xsave || xfpusave_len == 0) 1213 return; 1214 max_len = cpu_max_ext_state_size - sizeof(union savefpu); 1215 len = xfpusave_len; 1216 if (len > max_len) { 1217 len = max_len; 1218 bzero(xfpusave + max_len, len - max_len); 1219 } 1220 mcp->mc_flags |= _MC_HASFPXSTATE; 1221 mcp->mc_xfpustate_len = len; 1222 bcopy(get_pcb_user_save_td(td) + 1, xfpusave, len); 1223 } 1224 1225 static int 1226 set_fpcontext(struct thread *td, mcontext_t *mcp, char *xfpustate, 1227 size_t xfpustate_len) 1228 { 1229 int error; 1230 1231 if (mcp->mc_fpformat == _MC_FPFMT_NODEV) 1232 return (0); 1233 else if (mcp->mc_fpformat != _MC_FPFMT_387 && 1234 mcp->mc_fpformat != _MC_FPFMT_XMM) 1235 return (EINVAL); 1236 else if (mcp->mc_ownedfp == _MC_FPOWNED_NONE) { 1237 /* We don't care what state is left in the FPU or PCB. */ 1238 fpstate_drop(td); 1239 error = 0; 1240 } else if (mcp->mc_ownedfp == _MC_FPOWNED_FPU || 1241 mcp->mc_ownedfp == _MC_FPOWNED_PCB) { 1242 error = npxsetregs(td, (union savefpu *)&mcp->mc_fpstate, 1243 xfpustate, xfpustate_len); 1244 } else 1245 return (EINVAL); 1246 return (error); 1247 } 1248 1249 static void 1250 fpstate_drop(struct thread *td) 1251 { 1252 1253 KASSERT(PCB_USER_FPU(td->td_pcb), ("fpstate_drop: kernel-owned fpu")); 1254 critical_enter(); 1255 if (PCPU_GET(fpcurthread) == td) 1256 npxdrop(); 1257 /* 1258 * XXX force a full drop of the npx. The above only drops it if we 1259 * owned it. npxgetregs() has the same bug in the !cpu_fxsr case. 1260 * 1261 * XXX I don't much like npxgetregs()'s semantics of doing a full 1262 * drop. Dropping only to the pcb matches fnsave's behaviour. 1263 * We only need to drop to !PCB_INITDONE in sendsig(). But 1264 * sendsig() is the only caller of npxgetregs()... perhaps we just 1265 * have too many layers. 1266 */ 1267 curthread->td_pcb->pcb_flags &= ~(PCB_NPXINITDONE | 1268 PCB_NPXUSERINITDONE); 1269 critical_exit(); 1270 } 1271 1272 int 1273 fill_dbregs(struct thread *td, struct dbreg *dbregs) 1274 { 1275 struct pcb *pcb; 1276 1277 if (td == NULL) { 1278 dbregs->dr[0] = rdr0(); 1279 dbregs->dr[1] = rdr1(); 1280 dbregs->dr[2] = rdr2(); 1281 dbregs->dr[3] = rdr3(); 1282 dbregs->dr[6] = rdr6(); 1283 dbregs->dr[7] = rdr7(); 1284 } else { 1285 pcb = td->td_pcb; 1286 dbregs->dr[0] = pcb->pcb_dr0; 1287 dbregs->dr[1] = pcb->pcb_dr1; 1288 dbregs->dr[2] = pcb->pcb_dr2; 1289 dbregs->dr[3] = pcb->pcb_dr3; 1290 dbregs->dr[6] = pcb->pcb_dr6; 1291 dbregs->dr[7] = pcb->pcb_dr7; 1292 } 1293 dbregs->dr[4] = 0; 1294 dbregs->dr[5] = 0; 1295 return (0); 1296 } 1297 1298 int 1299 set_dbregs(struct thread *td, struct dbreg *dbregs) 1300 { 1301 struct pcb *pcb; 1302 int i; 1303 1304 if (td == NULL) { 1305 load_dr0(dbregs->dr[0]); 1306 load_dr1(dbregs->dr[1]); 1307 load_dr2(dbregs->dr[2]); 1308 load_dr3(dbregs->dr[3]); 1309 load_dr6(dbregs->dr[6]); 1310 load_dr7(dbregs->dr[7]); 1311 } else { 1312 /* 1313 * Don't let an illegal value for dr7 get set. Specifically, 1314 * check for undefined settings. Setting these bit patterns 1315 * result in undefined behaviour and can lead to an unexpected 1316 * TRCTRAP. 1317 */ 1318 for (i = 0; i < 4; i++) { 1319 if (DBREG_DR7_ACCESS(dbregs->dr[7], i) == 0x02) 1320 return (EINVAL); 1321 if (DBREG_DR7_LEN(dbregs->dr[7], i) == 0x02) 1322 return (EINVAL); 1323 } 1324 1325 pcb = td->td_pcb; 1326 1327 /* 1328 * Don't let a process set a breakpoint that is not within the 1329 * process's address space. If a process could do this, it 1330 * could halt the system by setting a breakpoint in the kernel 1331 * (if ddb was enabled). Thus, we need to check to make sure 1332 * that no breakpoints are being enabled for addresses outside 1333 * process's address space. 1334 * 1335 * XXX - what about when the watched area of the user's 1336 * address space is written into from within the kernel 1337 * ... wouldn't that still cause a breakpoint to be generated 1338 * from within kernel mode? 1339 */ 1340 1341 if (DBREG_DR7_ENABLED(dbregs->dr[7], 0)) { 1342 /* dr0 is enabled */ 1343 if (dbregs->dr[0] >= VM_MAXUSER_ADDRESS) 1344 return (EINVAL); 1345 } 1346 1347 if (DBREG_DR7_ENABLED(dbregs->dr[7], 1)) { 1348 /* dr1 is enabled */ 1349 if (dbregs->dr[1] >= VM_MAXUSER_ADDRESS) 1350 return (EINVAL); 1351 } 1352 1353 if (DBREG_DR7_ENABLED(dbregs->dr[7], 2)) { 1354 /* dr2 is enabled */ 1355 if (dbregs->dr[2] >= VM_MAXUSER_ADDRESS) 1356 return (EINVAL); 1357 } 1358 1359 if (DBREG_DR7_ENABLED(dbregs->dr[7], 3)) { 1360 /* dr3 is enabled */ 1361 if (dbregs->dr[3] >= VM_MAXUSER_ADDRESS) 1362 return (EINVAL); 1363 } 1364 1365 pcb->pcb_dr0 = dbregs->dr[0]; 1366 pcb->pcb_dr1 = dbregs->dr[1]; 1367 pcb->pcb_dr2 = dbregs->dr[2]; 1368 pcb->pcb_dr3 = dbregs->dr[3]; 1369 pcb->pcb_dr6 = dbregs->dr[6]; 1370 pcb->pcb_dr7 = dbregs->dr[7]; 1371 1372 pcb->pcb_flags |= PCB_DBREGS; 1373 } 1374 1375 return (0); 1376 } 1377 1378 /* 1379 * Return > 0 if a hardware breakpoint has been hit, and the 1380 * breakpoint was in user space. Return 0, otherwise. 1381 */ 1382 int 1383 user_dbreg_trap(register_t dr6) 1384 { 1385 u_int32_t dr7; 1386 u_int32_t bp; /* breakpoint bits extracted from dr6 */ 1387 int nbp; /* number of breakpoints that triggered */ 1388 caddr_t addr[4]; /* breakpoint addresses */ 1389 int i; 1390 1391 bp = dr6 & DBREG_DR6_BMASK; 1392 if (bp == 0) { 1393 /* 1394 * None of the breakpoint bits are set meaning this 1395 * trap was not caused by any of the debug registers 1396 */ 1397 return (0); 1398 } 1399 1400 dr7 = rdr7(); 1401 if ((dr7 & 0x000000ff) == 0) { 1402 /* 1403 * all GE and LE bits in the dr7 register are zero, 1404 * thus the trap couldn't have been caused by the 1405 * hardware debug registers 1406 */ 1407 return (0); 1408 } 1409 1410 nbp = 0; 1411 1412 /* 1413 * at least one of the breakpoints were hit, check to see 1414 * which ones and if any of them are user space addresses 1415 */ 1416 1417 if (bp & 0x01) { 1418 addr[nbp++] = (caddr_t)rdr0(); 1419 } 1420 if (bp & 0x02) { 1421 addr[nbp++] = (caddr_t)rdr1(); 1422 } 1423 if (bp & 0x04) { 1424 addr[nbp++] = (caddr_t)rdr2(); 1425 } 1426 if (bp & 0x08) { 1427 addr[nbp++] = (caddr_t)rdr3(); 1428 } 1429 1430 for (i = 0; i < nbp; i++) { 1431 if (addr[i] < (caddr_t)VM_MAXUSER_ADDRESS) { 1432 /* 1433 * addr[i] is in user space 1434 */ 1435 return (nbp); 1436 } 1437 } 1438 1439 /* 1440 * None of the breakpoints are in user space. 1441 */ 1442 return (0); 1443 } 1444