1 /*- 2 * SPDX-License-Identifier: BSD-4-Clause 3 * 4 * Copyright (c) 2018 The FreeBSD Foundation 5 * Copyright (c) 1992 Terrence R. Lambert. 6 * Copyright (c) 1982, 1987, 1990 The Regents of the University of California. 7 * All rights reserved. 8 * 9 * This code is derived from software contributed to Berkeley by 10 * William Jolitz. 11 * 12 * Portions of this software were developed by A. Joseph Koshy under 13 * sponsorship from the FreeBSD Foundation and Google, Inc. 14 * 15 * Redistribution and use in source and binary forms, with or without 16 * modification, are permitted provided that the following conditions 17 * are met: 18 * 1. Redistributions of source code must retain the above copyright 19 * notice, this list of conditions and the following disclaimer. 20 * 2. Redistributions in binary form must reproduce the above copyright 21 * notice, this list of conditions and the following disclaimer in the 22 * documentation and/or other materials provided with the distribution. 23 * 3. All advertising materials mentioning features or use of this software 24 * must display the following acknowledgement: 25 * This product includes software developed by the University of 26 * California, Berkeley and its contributors. 27 * 4. Neither the name of the University nor the names of its contributors 28 * may be used to endorse or promote products derived from this software 29 * without specific prior written permission. 30 * 31 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 32 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 33 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 34 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 35 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 36 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 39 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 40 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 41 * SUCH DAMAGE. 42 * 43 * from: @(#)machdep.c 7.4 (Berkeley) 6/3/91 44 */ 45 46 #include <sys/cdefs.h> 47 __FBSDID("$FreeBSD$"); 48 49 #include "opt_cpu.h" 50 #include "opt_ddb.h" 51 #include "opt_kstack_pages.h" 52 53 #include <sys/param.h> 54 #include <sys/proc.h> 55 #include <sys/systm.h> 56 #include <sys/exec.h> 57 #include <sys/imgact.h> 58 #include <sys/kdb.h> 59 #include <sys/kernel.h> 60 #include <sys/ktr.h> 61 #include <sys/linker.h> 62 #include <sys/lock.h> 63 #include <sys/malloc.h> 64 #include <sys/mutex.h> 65 #include <sys/pcpu.h> 66 #include <sys/ptrace.h> 67 #include <sys/reg.h> 68 #include <sys/rwlock.h> 69 #include <sys/signalvar.h> 70 #include <sys/syscallsubr.h> 71 #include <sys/sysctl.h> 72 #include <sys/sysent.h> 73 #include <sys/sysproto.h> 74 #include <sys/ucontext.h> 75 #include <sys/vmmeter.h> 76 77 #include <vm/vm.h> 78 #include <vm/vm_param.h> 79 #include <vm/vm_extern.h> 80 #include <vm/vm_kern.h> 81 #include <vm/vm_page.h> 82 #include <vm/vm_map.h> 83 #include <vm/vm_object.h> 84 85 #ifdef DDB 86 #ifndef KDB 87 #error KDB must be enabled in order for DDB to work! 88 #endif 89 #include <ddb/ddb.h> 90 #include <ddb/db_sym.h> 91 #endif 92 93 #include <machine/cpu.h> 94 #include <machine/cputypes.h> 95 #include <machine/md_var.h> 96 #include <machine/pcb.h> 97 #include <machine/pcb_ext.h> 98 #include <machine/proc.h> 99 #include <machine/sigframe.h> 100 #include <machine/specialreg.h> 101 #include <machine/sysarch.h> 102 #include <machine/trap.h> 103 104 static void fpstate_drop(struct thread *td); 105 static void get_fpcontext(struct thread *td, mcontext_t *mcp, 106 char *xfpusave, size_t xfpusave_len); 107 static int set_fpcontext(struct thread *td, mcontext_t *mcp, 108 char *xfpustate, size_t xfpustate_len); 109 #ifdef COMPAT_43 110 static void osendsig(sig_t catcher, ksiginfo_t *, sigset_t *mask); 111 #endif 112 #ifdef COMPAT_FREEBSD4 113 static void freebsd4_sendsig(sig_t catcher, ksiginfo_t *, sigset_t *mask); 114 #endif 115 116 extern struct sysentvec elf32_freebsd_sysvec; 117 118 _Static_assert(sizeof(mcontext_t) == 640, "mcontext_t size incorrect"); 119 _Static_assert(sizeof(ucontext_t) == 704, "ucontext_t size incorrect"); 120 _Static_assert(sizeof(siginfo_t) == 64, "siginfo_t size incorrect"); 121 122 /* 123 * Send an interrupt to process. 124 * 125 * Stack is set up to allow sigcode stored at top to call routine, 126 * followed by call to sigreturn routine below. After sigreturn 127 * resets the signal mask, the stack, and the frame pointer, it 128 * returns to the user specified pc, psl. 129 */ 130 #ifdef COMPAT_43 131 static void 132 osendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 133 { 134 struct osigframe sf, *fp; 135 struct proc *p; 136 struct thread *td; 137 struct sigacts *psp; 138 struct trapframe *regs; 139 int sig; 140 int oonstack; 141 142 td = curthread; 143 p = td->td_proc; 144 PROC_LOCK_ASSERT(p, MA_OWNED); 145 sig = ksi->ksi_signo; 146 psp = p->p_sigacts; 147 mtx_assert(&psp->ps_mtx, MA_OWNED); 148 regs = td->td_frame; 149 oonstack = sigonstack(regs->tf_esp); 150 151 /* Allocate space for the signal handler context. */ 152 if ((td->td_pflags & TDP_ALTSTACK) && !oonstack && 153 SIGISMEMBER(psp->ps_sigonstack, sig)) { 154 fp = (struct osigframe *)((uintptr_t)td->td_sigstk.ss_sp + 155 td->td_sigstk.ss_size - sizeof(struct osigframe)); 156 #if defined(COMPAT_43) 157 td->td_sigstk.ss_flags |= SS_ONSTACK; 158 #endif 159 } else 160 fp = (struct osigframe *)regs->tf_esp - 1; 161 162 /* Build the argument list for the signal handler. */ 163 sf.sf_signum = sig; 164 sf.sf_scp = (register_t)&fp->sf_siginfo.si_sc; 165 bzero(&sf.sf_siginfo, sizeof(sf.sf_siginfo)); 166 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 167 /* Signal handler installed with SA_SIGINFO. */ 168 sf.sf_arg2 = (register_t)&fp->sf_siginfo; 169 sf.sf_siginfo.si_signo = sig; 170 sf.sf_siginfo.si_code = ksi->ksi_code; 171 sf.sf_ahu.sf_action = (__osiginfohandler_t *)catcher; 172 sf.sf_addr = 0; 173 } else { 174 /* Old FreeBSD-style arguments. */ 175 sf.sf_arg2 = ksi->ksi_code; 176 sf.sf_addr = (register_t)ksi->ksi_addr; 177 sf.sf_ahu.sf_handler = catcher; 178 } 179 mtx_unlock(&psp->ps_mtx); 180 PROC_UNLOCK(p); 181 182 /* Save most if not all of trap frame. */ 183 sf.sf_siginfo.si_sc.sc_eax = regs->tf_eax; 184 sf.sf_siginfo.si_sc.sc_ebx = regs->tf_ebx; 185 sf.sf_siginfo.si_sc.sc_ecx = regs->tf_ecx; 186 sf.sf_siginfo.si_sc.sc_edx = regs->tf_edx; 187 sf.sf_siginfo.si_sc.sc_esi = regs->tf_esi; 188 sf.sf_siginfo.si_sc.sc_edi = regs->tf_edi; 189 sf.sf_siginfo.si_sc.sc_cs = regs->tf_cs; 190 sf.sf_siginfo.si_sc.sc_ds = regs->tf_ds; 191 sf.sf_siginfo.si_sc.sc_ss = regs->tf_ss; 192 sf.sf_siginfo.si_sc.sc_es = regs->tf_es; 193 sf.sf_siginfo.si_sc.sc_fs = regs->tf_fs; 194 sf.sf_siginfo.si_sc.sc_gs = rgs(); 195 sf.sf_siginfo.si_sc.sc_isp = regs->tf_isp; 196 197 /* Build the signal context to be used by osigreturn(). */ 198 sf.sf_siginfo.si_sc.sc_onstack = (oonstack) ? 1 : 0; 199 SIG2OSIG(*mask, sf.sf_siginfo.si_sc.sc_mask); 200 sf.sf_siginfo.si_sc.sc_sp = regs->tf_esp; 201 sf.sf_siginfo.si_sc.sc_fp = regs->tf_ebp; 202 sf.sf_siginfo.si_sc.sc_pc = regs->tf_eip; 203 sf.sf_siginfo.si_sc.sc_ps = regs->tf_eflags; 204 sf.sf_siginfo.si_sc.sc_trapno = regs->tf_trapno; 205 sf.sf_siginfo.si_sc.sc_err = regs->tf_err; 206 207 /* 208 * If we're a vm86 process, we want to save the segment registers. 209 * We also change eflags to be our emulated eflags, not the actual 210 * eflags. 211 */ 212 if (regs->tf_eflags & PSL_VM) { 213 /* XXX confusing names: `tf' isn't a trapframe; `regs' is. */ 214 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 215 struct vm86_kernel *vm86 = &td->td_pcb->pcb_ext->ext_vm86; 216 217 sf.sf_siginfo.si_sc.sc_gs = tf->tf_vm86_gs; 218 sf.sf_siginfo.si_sc.sc_fs = tf->tf_vm86_fs; 219 sf.sf_siginfo.si_sc.sc_es = tf->tf_vm86_es; 220 sf.sf_siginfo.si_sc.sc_ds = tf->tf_vm86_ds; 221 222 if (vm86->vm86_has_vme == 0) 223 sf.sf_siginfo.si_sc.sc_ps = 224 (tf->tf_eflags & ~(PSL_VIF | PSL_VIP)) | 225 (vm86->vm86_eflags & (PSL_VIF | PSL_VIP)); 226 227 /* See sendsig() for comments. */ 228 tf->tf_eflags &= ~(PSL_VM | PSL_NT | PSL_VIF | PSL_VIP); 229 } 230 231 /* 232 * Copy the sigframe out to the user's stack. 233 */ 234 if (copyout(&sf, fp, sizeof(*fp)) != 0) { 235 PROC_LOCK(p); 236 sigexit(td, SIGILL); 237 } 238 239 regs->tf_esp = (int)fp; 240 if (p->p_sysent->sv_sigcode_base != 0) { 241 regs->tf_eip = p->p_sysent->sv_sigcode_base + szsigcode - 242 szosigcode; 243 } else { 244 /* a.out sysentvec does not use shared page */ 245 regs->tf_eip = PROC_PS_STRINGS(p) - szosigcode; 246 } 247 regs->tf_eflags &= ~(PSL_T | PSL_D); 248 regs->tf_cs = _ucodesel; 249 regs->tf_ds = _udatasel; 250 regs->tf_es = _udatasel; 251 regs->tf_fs = _udatasel; 252 load_gs(_udatasel); 253 regs->tf_ss = _udatasel; 254 PROC_LOCK(p); 255 mtx_lock(&psp->ps_mtx); 256 } 257 #endif /* COMPAT_43 */ 258 259 #ifdef COMPAT_FREEBSD4 260 static void 261 freebsd4_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 262 { 263 struct freebsd4_sigframe sf, *sfp; 264 struct proc *p; 265 struct thread *td; 266 struct sigacts *psp; 267 struct trapframe *regs; 268 int sig; 269 int oonstack; 270 271 td = curthread; 272 p = td->td_proc; 273 PROC_LOCK_ASSERT(p, MA_OWNED); 274 sig = ksi->ksi_signo; 275 psp = p->p_sigacts; 276 mtx_assert(&psp->ps_mtx, MA_OWNED); 277 regs = td->td_frame; 278 oonstack = sigonstack(regs->tf_esp); 279 280 /* Save user context. */ 281 bzero(&sf, sizeof(sf)); 282 sf.sf_uc.uc_sigmask = *mask; 283 sf.sf_uc.uc_stack = td->td_sigstk; 284 sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) 285 ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE; 286 sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0; 287 sf.sf_uc.uc_mcontext.mc_gs = rgs(); 288 bcopy(regs, &sf.sf_uc.uc_mcontext.mc_fs, sizeof(*regs)); 289 bzero(sf.sf_uc.uc_mcontext.mc_fpregs, 290 sizeof(sf.sf_uc.uc_mcontext.mc_fpregs)); 291 bzero(sf.sf_uc.uc_mcontext.__spare__, 292 sizeof(sf.sf_uc.uc_mcontext.__spare__)); 293 bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__)); 294 295 /* Allocate space for the signal handler context. */ 296 if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && 297 SIGISMEMBER(psp->ps_sigonstack, sig)) { 298 sfp = (struct freebsd4_sigframe *)((uintptr_t)td->td_sigstk.ss_sp + 299 td->td_sigstk.ss_size - sizeof(struct freebsd4_sigframe)); 300 #if defined(COMPAT_43) 301 td->td_sigstk.ss_flags |= SS_ONSTACK; 302 #endif 303 } else 304 sfp = (struct freebsd4_sigframe *)regs->tf_esp - 1; 305 306 /* Build the argument list for the signal handler. */ 307 sf.sf_signum = sig; 308 sf.sf_ucontext = (register_t)&sfp->sf_uc; 309 bzero(&sf.sf_si, sizeof(sf.sf_si)); 310 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 311 /* Signal handler installed with SA_SIGINFO. */ 312 sf.sf_siginfo = (register_t)&sfp->sf_si; 313 sf.sf_ahu.sf_action = (__siginfohandler_t *)catcher; 314 315 /* Fill in POSIX parts */ 316 sf.sf_si.si_signo = sig; 317 sf.sf_si.si_code = ksi->ksi_code; 318 sf.sf_si.si_addr = ksi->ksi_addr; 319 } else { 320 /* Old FreeBSD-style arguments. */ 321 sf.sf_siginfo = ksi->ksi_code; 322 sf.sf_addr = (register_t)ksi->ksi_addr; 323 sf.sf_ahu.sf_handler = catcher; 324 } 325 mtx_unlock(&psp->ps_mtx); 326 PROC_UNLOCK(p); 327 328 /* 329 * If we're a vm86 process, we want to save the segment registers. 330 * We also change eflags to be our emulated eflags, not the actual 331 * eflags. 332 */ 333 if (regs->tf_eflags & PSL_VM) { 334 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 335 struct vm86_kernel *vm86 = &td->td_pcb->pcb_ext->ext_vm86; 336 337 sf.sf_uc.uc_mcontext.mc_gs = tf->tf_vm86_gs; 338 sf.sf_uc.uc_mcontext.mc_fs = tf->tf_vm86_fs; 339 sf.sf_uc.uc_mcontext.mc_es = tf->tf_vm86_es; 340 sf.sf_uc.uc_mcontext.mc_ds = tf->tf_vm86_ds; 341 342 if (vm86->vm86_has_vme == 0) 343 sf.sf_uc.uc_mcontext.mc_eflags = 344 (tf->tf_eflags & ~(PSL_VIF | PSL_VIP)) | 345 (vm86->vm86_eflags & (PSL_VIF | PSL_VIP)); 346 347 /* 348 * Clear PSL_NT to inhibit T_TSSFLT faults on return from 349 * syscalls made by the signal handler. This just avoids 350 * wasting time for our lazy fixup of such faults. PSL_NT 351 * does nothing in vm86 mode, but vm86 programs can set it 352 * almost legitimately in probes for old cpu types. 353 */ 354 tf->tf_eflags &= ~(PSL_VM | PSL_NT | PSL_VIF | PSL_VIP); 355 } 356 357 /* 358 * Copy the sigframe out to the user's stack. 359 */ 360 if (copyout(&sf, sfp, sizeof(*sfp)) != 0) { 361 PROC_LOCK(p); 362 sigexit(td, SIGILL); 363 } 364 365 regs->tf_esp = (int)sfp; 366 regs->tf_eip = p->p_sysent->sv_sigcode_base + szsigcode - 367 szfreebsd4_sigcode; 368 regs->tf_eflags &= ~(PSL_T | PSL_D); 369 regs->tf_cs = _ucodesel; 370 regs->tf_ds = _udatasel; 371 regs->tf_es = _udatasel; 372 regs->tf_fs = _udatasel; 373 regs->tf_ss = _udatasel; 374 PROC_LOCK(p); 375 mtx_lock(&psp->ps_mtx); 376 } 377 #endif /* COMPAT_FREEBSD4 */ 378 379 void 380 sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 381 { 382 struct sigframe sf, *sfp; 383 struct proc *p; 384 struct thread *td; 385 struct sigacts *psp; 386 char *sp; 387 struct trapframe *regs; 388 struct segment_descriptor *sdp; 389 char *xfpusave; 390 size_t xfpusave_len; 391 int sig; 392 int oonstack; 393 394 td = curthread; 395 p = td->td_proc; 396 PROC_LOCK_ASSERT(p, MA_OWNED); 397 sig = ksi->ksi_signo; 398 psp = p->p_sigacts; 399 mtx_assert(&psp->ps_mtx, MA_OWNED); 400 #ifdef COMPAT_FREEBSD4 401 if (SIGISMEMBER(psp->ps_freebsd4, sig)) { 402 freebsd4_sendsig(catcher, ksi, mask); 403 return; 404 } 405 #endif 406 #ifdef COMPAT_43 407 if (SIGISMEMBER(psp->ps_osigset, sig)) { 408 osendsig(catcher, ksi, mask); 409 return; 410 } 411 #endif 412 regs = td->td_frame; 413 oonstack = sigonstack(regs->tf_esp); 414 415 if (cpu_max_ext_state_size > sizeof(union savefpu) && use_xsave) { 416 xfpusave_len = cpu_max_ext_state_size - sizeof(union savefpu); 417 xfpusave = __builtin_alloca(xfpusave_len); 418 } else { 419 xfpusave_len = 0; 420 xfpusave = NULL; 421 } 422 423 /* Save user context. */ 424 bzero(&sf, sizeof(sf)); 425 sf.sf_uc.uc_sigmask = *mask; 426 sf.sf_uc.uc_stack = td->td_sigstk; 427 sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) 428 ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE; 429 sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0; 430 sf.sf_uc.uc_mcontext.mc_gs = rgs(); 431 bcopy(regs, &sf.sf_uc.uc_mcontext.mc_fs, sizeof(*regs)); 432 sf.sf_uc.uc_mcontext.mc_len = sizeof(sf.sf_uc.uc_mcontext); /* magic */ 433 get_fpcontext(td, &sf.sf_uc.uc_mcontext, xfpusave, xfpusave_len); 434 fpstate_drop(td); 435 /* 436 * Unconditionally fill the fsbase and gsbase into the mcontext. 437 */ 438 sdp = &td->td_pcb->pcb_fsd; 439 sf.sf_uc.uc_mcontext.mc_fsbase = sdp->sd_hibase << 24 | 440 sdp->sd_lobase; 441 sdp = &td->td_pcb->pcb_gsd; 442 sf.sf_uc.uc_mcontext.mc_gsbase = sdp->sd_hibase << 24 | 443 sdp->sd_lobase; 444 bzero(sf.sf_uc.uc_mcontext.mc_spare2, 445 sizeof(sf.sf_uc.uc_mcontext.mc_spare2)); 446 447 /* Allocate space for the signal handler context. */ 448 if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && 449 SIGISMEMBER(psp->ps_sigonstack, sig)) { 450 sp = (char *)td->td_sigstk.ss_sp + td->td_sigstk.ss_size; 451 #if defined(COMPAT_43) 452 td->td_sigstk.ss_flags |= SS_ONSTACK; 453 #endif 454 } else 455 sp = (char *)regs->tf_esp - 128; 456 if (xfpusave != NULL) { 457 sp -= xfpusave_len; 458 sp = (char *)((unsigned int)sp & ~0x3F); 459 sf.sf_uc.uc_mcontext.mc_xfpustate = (register_t)sp; 460 } 461 sp -= sizeof(struct sigframe); 462 463 /* Align to 16 bytes. */ 464 sfp = (struct sigframe *)((unsigned int)sp & ~0xF); 465 466 /* Build the argument list for the signal handler. */ 467 sf.sf_signum = sig; 468 sf.sf_ucontext = (register_t)&sfp->sf_uc; 469 bzero(&sf.sf_si, sizeof(sf.sf_si)); 470 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 471 /* Signal handler installed with SA_SIGINFO. */ 472 sf.sf_siginfo = (register_t)&sfp->sf_si; 473 sf.sf_ahu.sf_action = (__siginfohandler_t *)catcher; 474 475 /* Fill in POSIX parts */ 476 sf.sf_si = ksi->ksi_info; 477 sf.sf_si.si_signo = sig; /* maybe a translated signal */ 478 } else { 479 /* Old FreeBSD-style arguments. */ 480 sf.sf_siginfo = ksi->ksi_code; 481 sf.sf_addr = (register_t)ksi->ksi_addr; 482 sf.sf_ahu.sf_handler = catcher; 483 } 484 mtx_unlock(&psp->ps_mtx); 485 PROC_UNLOCK(p); 486 487 /* 488 * If we're a vm86 process, we want to save the segment registers. 489 * We also change eflags to be our emulated eflags, not the actual 490 * eflags. 491 */ 492 if (regs->tf_eflags & PSL_VM) { 493 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 494 struct vm86_kernel *vm86 = &td->td_pcb->pcb_ext->ext_vm86; 495 496 sf.sf_uc.uc_mcontext.mc_gs = tf->tf_vm86_gs; 497 sf.sf_uc.uc_mcontext.mc_fs = tf->tf_vm86_fs; 498 sf.sf_uc.uc_mcontext.mc_es = tf->tf_vm86_es; 499 sf.sf_uc.uc_mcontext.mc_ds = tf->tf_vm86_ds; 500 501 if (vm86->vm86_has_vme == 0) 502 sf.sf_uc.uc_mcontext.mc_eflags = 503 (tf->tf_eflags & ~(PSL_VIF | PSL_VIP)) | 504 (vm86->vm86_eflags & (PSL_VIF | PSL_VIP)); 505 506 /* 507 * Clear PSL_NT to inhibit T_TSSFLT faults on return from 508 * syscalls made by the signal handler. This just avoids 509 * wasting time for our lazy fixup of such faults. PSL_NT 510 * does nothing in vm86 mode, but vm86 programs can set it 511 * almost legitimately in probes for old cpu types. 512 */ 513 tf->tf_eflags &= ~(PSL_VM | PSL_NT | PSL_VIF | PSL_VIP); 514 } 515 516 /* 517 * Copy the sigframe out to the user's stack. 518 */ 519 if (copyout(&sf, sfp, sizeof(*sfp)) != 0 || 520 (xfpusave != NULL && copyout(xfpusave, 521 (void *)sf.sf_uc.uc_mcontext.mc_xfpustate, xfpusave_len) 522 != 0)) { 523 PROC_LOCK(p); 524 sigexit(td, SIGILL); 525 } 526 527 regs->tf_esp = (int)sfp; 528 regs->tf_eip = p->p_sysent->sv_sigcode_base; 529 if (regs->tf_eip == 0) 530 regs->tf_eip = PROC_PS_STRINGS(p) - szsigcode; 531 regs->tf_eflags &= ~(PSL_T | PSL_D); 532 regs->tf_cs = _ucodesel; 533 regs->tf_ds = _udatasel; 534 regs->tf_es = _udatasel; 535 regs->tf_fs = _udatasel; 536 regs->tf_ss = _udatasel; 537 PROC_LOCK(p); 538 mtx_lock(&psp->ps_mtx); 539 } 540 541 /* 542 * System call to cleanup state after a signal has been taken. Reset 543 * signal mask and stack state from context left by sendsig (above). 544 * Return to previous pc and psl as specified by context left by 545 * sendsig. Check carefully to make sure that the user has not 546 * modified the state to gain improper privileges. 547 */ 548 #ifdef COMPAT_43 549 int 550 osigreturn(struct thread *td, struct osigreturn_args *uap) 551 { 552 struct osigcontext sc; 553 struct trapframe *regs; 554 struct osigcontext *scp; 555 int eflags, error; 556 ksiginfo_t ksi; 557 558 regs = td->td_frame; 559 error = copyin(uap->sigcntxp, &sc, sizeof(sc)); 560 if (error != 0) 561 return (error); 562 scp = ≻ 563 eflags = scp->sc_ps; 564 if (eflags & PSL_VM) { 565 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 566 struct vm86_kernel *vm86; 567 568 /* 569 * if pcb_ext == 0 or vm86_inited == 0, the user hasn't 570 * set up the vm86 area, and we can't enter vm86 mode. 571 */ 572 if (td->td_pcb->pcb_ext == 0) 573 return (EINVAL); 574 vm86 = &td->td_pcb->pcb_ext->ext_vm86; 575 if (vm86->vm86_inited == 0) 576 return (EINVAL); 577 578 /* Go back to user mode if both flags are set. */ 579 if ((eflags & PSL_VIP) && (eflags & PSL_VIF)) { 580 ksiginfo_init_trap(&ksi); 581 ksi.ksi_signo = SIGBUS; 582 ksi.ksi_code = BUS_OBJERR; 583 ksi.ksi_addr = (void *)regs->tf_eip; 584 trapsignal(td, &ksi); 585 } 586 587 if (vm86->vm86_has_vme) { 588 eflags = (tf->tf_eflags & ~VME_USERCHANGE) | 589 (eflags & VME_USERCHANGE) | PSL_VM; 590 } else { 591 vm86->vm86_eflags = eflags; /* save VIF, VIP */ 592 eflags = (tf->tf_eflags & ~VM_USERCHANGE) | 593 (eflags & VM_USERCHANGE) | PSL_VM; 594 } 595 tf->tf_vm86_ds = scp->sc_ds; 596 tf->tf_vm86_es = scp->sc_es; 597 tf->tf_vm86_fs = scp->sc_fs; 598 tf->tf_vm86_gs = scp->sc_gs; 599 tf->tf_ds = _udatasel; 600 tf->tf_es = _udatasel; 601 tf->tf_fs = _udatasel; 602 } else { 603 /* 604 * Don't allow users to change privileged or reserved flags. 605 */ 606 if (!EFL_SECURE(eflags, regs->tf_eflags)) { 607 return (EINVAL); 608 } 609 610 /* 611 * Don't allow users to load a valid privileged %cs. Let the 612 * hardware check for invalid selectors, excess privilege in 613 * other selectors, invalid %eip's and invalid %esp's. 614 */ 615 if (!CS_SECURE(scp->sc_cs)) { 616 ksiginfo_init_trap(&ksi); 617 ksi.ksi_signo = SIGBUS; 618 ksi.ksi_code = BUS_OBJERR; 619 ksi.ksi_trapno = T_PROTFLT; 620 ksi.ksi_addr = (void *)regs->tf_eip; 621 trapsignal(td, &ksi); 622 return (EINVAL); 623 } 624 regs->tf_ds = scp->sc_ds; 625 regs->tf_es = scp->sc_es; 626 regs->tf_fs = scp->sc_fs; 627 } 628 629 /* Restore remaining registers. */ 630 regs->tf_eax = scp->sc_eax; 631 regs->tf_ebx = scp->sc_ebx; 632 regs->tf_ecx = scp->sc_ecx; 633 regs->tf_edx = scp->sc_edx; 634 regs->tf_esi = scp->sc_esi; 635 regs->tf_edi = scp->sc_edi; 636 regs->tf_cs = scp->sc_cs; 637 regs->tf_ss = scp->sc_ss; 638 regs->tf_isp = scp->sc_isp; 639 regs->tf_ebp = scp->sc_fp; 640 regs->tf_esp = scp->sc_sp; 641 regs->tf_eip = scp->sc_pc; 642 regs->tf_eflags = eflags; 643 644 #if defined(COMPAT_43) 645 if (scp->sc_onstack & 1) 646 td->td_sigstk.ss_flags |= SS_ONSTACK; 647 else 648 td->td_sigstk.ss_flags &= ~SS_ONSTACK; 649 #endif 650 kern_sigprocmask(td, SIG_SETMASK, (sigset_t *)&scp->sc_mask, NULL, 651 SIGPROCMASK_OLD); 652 return (EJUSTRETURN); 653 } 654 #endif /* COMPAT_43 */ 655 656 #ifdef COMPAT_FREEBSD4 657 int 658 freebsd4_sigreturn(struct thread *td, struct freebsd4_sigreturn_args *uap) 659 { 660 struct freebsd4_ucontext uc; 661 struct trapframe *regs; 662 struct freebsd4_ucontext *ucp; 663 int cs, eflags, error; 664 ksiginfo_t ksi; 665 666 error = copyin(uap->sigcntxp, &uc, sizeof(uc)); 667 if (error != 0) 668 return (error); 669 ucp = &uc; 670 regs = td->td_frame; 671 eflags = ucp->uc_mcontext.mc_eflags; 672 if (eflags & PSL_VM) { 673 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 674 struct vm86_kernel *vm86; 675 676 /* 677 * if pcb_ext == 0 or vm86_inited == 0, the user hasn't 678 * set up the vm86 area, and we can't enter vm86 mode. 679 */ 680 if (td->td_pcb->pcb_ext == 0) 681 return (EINVAL); 682 vm86 = &td->td_pcb->pcb_ext->ext_vm86; 683 if (vm86->vm86_inited == 0) 684 return (EINVAL); 685 686 /* Go back to user mode if both flags are set. */ 687 if ((eflags & PSL_VIP) && (eflags & PSL_VIF)) { 688 ksiginfo_init_trap(&ksi); 689 ksi.ksi_signo = SIGBUS; 690 ksi.ksi_code = BUS_OBJERR; 691 ksi.ksi_addr = (void *)regs->tf_eip; 692 trapsignal(td, &ksi); 693 } 694 if (vm86->vm86_has_vme) { 695 eflags = (tf->tf_eflags & ~VME_USERCHANGE) | 696 (eflags & VME_USERCHANGE) | PSL_VM; 697 } else { 698 vm86->vm86_eflags = eflags; /* save VIF, VIP */ 699 eflags = (tf->tf_eflags & ~VM_USERCHANGE) | 700 (eflags & VM_USERCHANGE) | PSL_VM; 701 } 702 bcopy(&ucp->uc_mcontext.mc_fs, tf, sizeof(struct trapframe)); 703 tf->tf_eflags = eflags; 704 tf->tf_vm86_ds = tf->tf_ds; 705 tf->tf_vm86_es = tf->tf_es; 706 tf->tf_vm86_fs = tf->tf_fs; 707 tf->tf_vm86_gs = ucp->uc_mcontext.mc_gs; 708 tf->tf_ds = _udatasel; 709 tf->tf_es = _udatasel; 710 tf->tf_fs = _udatasel; 711 } else { 712 /* 713 * Don't allow users to change privileged or reserved flags. 714 */ 715 if (!EFL_SECURE(eflags, regs->tf_eflags)) { 716 uprintf( 717 "pid %d (%s): freebsd4_sigreturn eflags = 0x%x\n", 718 td->td_proc->p_pid, td->td_name, eflags); 719 return (EINVAL); 720 } 721 722 /* 723 * Don't allow users to load a valid privileged %cs. Let the 724 * hardware check for invalid selectors, excess privilege in 725 * other selectors, invalid %eip's and invalid %esp's. 726 */ 727 cs = ucp->uc_mcontext.mc_cs; 728 if (!CS_SECURE(cs)) { 729 uprintf("pid %d (%s): freebsd4_sigreturn cs = 0x%x\n", 730 td->td_proc->p_pid, td->td_name, cs); 731 ksiginfo_init_trap(&ksi); 732 ksi.ksi_signo = SIGBUS; 733 ksi.ksi_code = BUS_OBJERR; 734 ksi.ksi_trapno = T_PROTFLT; 735 ksi.ksi_addr = (void *)regs->tf_eip; 736 trapsignal(td, &ksi); 737 return (EINVAL); 738 } 739 740 bcopy(&ucp->uc_mcontext.mc_fs, regs, sizeof(*regs)); 741 } 742 743 #if defined(COMPAT_43) 744 if (ucp->uc_mcontext.mc_onstack & 1) 745 td->td_sigstk.ss_flags |= SS_ONSTACK; 746 else 747 td->td_sigstk.ss_flags &= ~SS_ONSTACK; 748 #endif 749 kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0); 750 return (EJUSTRETURN); 751 } 752 #endif /* COMPAT_FREEBSD4 */ 753 754 int 755 sys_sigreturn(struct thread *td, struct sigreturn_args *uap) 756 { 757 ucontext_t uc; 758 struct proc *p; 759 struct trapframe *regs; 760 ucontext_t *ucp; 761 char *xfpustate; 762 size_t xfpustate_len; 763 int cs, eflags, error, ret; 764 ksiginfo_t ksi; 765 766 p = td->td_proc; 767 768 error = copyin(uap->sigcntxp, &uc, sizeof(uc)); 769 if (error != 0) 770 return (error); 771 ucp = &uc; 772 if ((ucp->uc_mcontext.mc_flags & ~_MC_FLAG_MASK) != 0) { 773 uprintf("pid %d (%s): sigreturn mc_flags %x\n", p->p_pid, 774 td->td_name, ucp->uc_mcontext.mc_flags); 775 return (EINVAL); 776 } 777 regs = td->td_frame; 778 eflags = ucp->uc_mcontext.mc_eflags; 779 if (eflags & PSL_VM) { 780 struct trapframe_vm86 *tf = (struct trapframe_vm86 *)regs; 781 struct vm86_kernel *vm86; 782 783 /* 784 * if pcb_ext == 0 or vm86_inited == 0, the user hasn't 785 * set up the vm86 area, and we can't enter vm86 mode. 786 */ 787 if (td->td_pcb->pcb_ext == 0) 788 return (EINVAL); 789 vm86 = &td->td_pcb->pcb_ext->ext_vm86; 790 if (vm86->vm86_inited == 0) 791 return (EINVAL); 792 793 /* Go back to user mode if both flags are set. */ 794 if ((eflags & PSL_VIP) && (eflags & PSL_VIF)) { 795 ksiginfo_init_trap(&ksi); 796 ksi.ksi_signo = SIGBUS; 797 ksi.ksi_code = BUS_OBJERR; 798 ksi.ksi_addr = (void *)regs->tf_eip; 799 trapsignal(td, &ksi); 800 } 801 802 if (vm86->vm86_has_vme) { 803 eflags = (tf->tf_eflags & ~VME_USERCHANGE) | 804 (eflags & VME_USERCHANGE) | PSL_VM; 805 } else { 806 vm86->vm86_eflags = eflags; /* save VIF, VIP */ 807 eflags = (tf->tf_eflags & ~VM_USERCHANGE) | 808 (eflags & VM_USERCHANGE) | PSL_VM; 809 } 810 bcopy(&ucp->uc_mcontext.mc_fs, tf, sizeof(struct trapframe)); 811 tf->tf_eflags = eflags; 812 tf->tf_vm86_ds = tf->tf_ds; 813 tf->tf_vm86_es = tf->tf_es; 814 tf->tf_vm86_fs = tf->tf_fs; 815 tf->tf_vm86_gs = ucp->uc_mcontext.mc_gs; 816 tf->tf_ds = _udatasel; 817 tf->tf_es = _udatasel; 818 tf->tf_fs = _udatasel; 819 } else { 820 /* 821 * Don't allow users to change privileged or reserved flags. 822 */ 823 if (!EFL_SECURE(eflags, regs->tf_eflags)) { 824 uprintf("pid %d (%s): sigreturn eflags = 0x%x\n", 825 td->td_proc->p_pid, td->td_name, eflags); 826 return (EINVAL); 827 } 828 829 /* 830 * Don't allow users to load a valid privileged %cs. Let the 831 * hardware check for invalid selectors, excess privilege in 832 * other selectors, invalid %eip's and invalid %esp's. 833 */ 834 cs = ucp->uc_mcontext.mc_cs; 835 if (!CS_SECURE(cs)) { 836 uprintf("pid %d (%s): sigreturn cs = 0x%x\n", 837 td->td_proc->p_pid, td->td_name, cs); 838 ksiginfo_init_trap(&ksi); 839 ksi.ksi_signo = SIGBUS; 840 ksi.ksi_code = BUS_OBJERR; 841 ksi.ksi_trapno = T_PROTFLT; 842 ksi.ksi_addr = (void *)regs->tf_eip; 843 trapsignal(td, &ksi); 844 return (EINVAL); 845 } 846 847 if ((uc.uc_mcontext.mc_flags & _MC_HASFPXSTATE) != 0) { 848 xfpustate_len = uc.uc_mcontext.mc_xfpustate_len; 849 if (xfpustate_len > cpu_max_ext_state_size - 850 sizeof(union savefpu)) { 851 uprintf( 852 "pid %d (%s): sigreturn xfpusave_len = 0x%zx\n", 853 p->p_pid, td->td_name, xfpustate_len); 854 return (EINVAL); 855 } 856 xfpustate = __builtin_alloca(xfpustate_len); 857 error = copyin( 858 (const void *)uc.uc_mcontext.mc_xfpustate, 859 xfpustate, xfpustate_len); 860 if (error != 0) { 861 uprintf( 862 "pid %d (%s): sigreturn copying xfpustate failed\n", 863 p->p_pid, td->td_name); 864 return (error); 865 } 866 } else { 867 xfpustate = NULL; 868 xfpustate_len = 0; 869 } 870 ret = set_fpcontext(td, &ucp->uc_mcontext, xfpustate, 871 xfpustate_len); 872 if (ret != 0) 873 return (ret); 874 bcopy(&ucp->uc_mcontext.mc_fs, regs, sizeof(*regs)); 875 } 876 877 #if defined(COMPAT_43) 878 if (ucp->uc_mcontext.mc_onstack & 1) 879 td->td_sigstk.ss_flags |= SS_ONSTACK; 880 else 881 td->td_sigstk.ss_flags &= ~SS_ONSTACK; 882 #endif 883 884 kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0); 885 return (EJUSTRETURN); 886 } 887 888 /* 889 * Reset the hardware debug registers if they were in use. 890 * They won't have any meaning for the newly exec'd process. 891 */ 892 void 893 x86_clear_dbregs(struct pcb *pcb) 894 { 895 if ((pcb->pcb_flags & PCB_DBREGS) == 0) 896 return; 897 898 pcb->pcb_dr0 = 0; 899 pcb->pcb_dr1 = 0; 900 pcb->pcb_dr2 = 0; 901 pcb->pcb_dr3 = 0; 902 pcb->pcb_dr6 = 0; 903 pcb->pcb_dr7 = 0; 904 905 if (pcb == curpcb) { 906 /* 907 * Clear the debug registers on the running CPU, 908 * otherwise they will end up affecting the next 909 * process we switch to. 910 */ 911 reset_dbregs(); 912 } 913 pcb->pcb_flags &= ~PCB_DBREGS; 914 } 915 916 #ifdef COMPAT_43 917 static void 918 setup_priv_lcall_gate(struct proc *p) 919 { 920 struct i386_ldt_args uap; 921 union descriptor desc; 922 u_int lcall_addr; 923 924 bzero(&uap, sizeof(uap)); 925 uap.start = 0; 926 uap.num = 1; 927 lcall_addr = p->p_sysent->sv_psstrings - sz_lcall_tramp; 928 bzero(&desc, sizeof(desc)); 929 desc.sd.sd_type = SDT_MEMERA; 930 desc.sd.sd_dpl = SEL_UPL; 931 desc.sd.sd_p = 1; 932 desc.sd.sd_def32 = 1; 933 desc.sd.sd_gran = 1; 934 desc.sd.sd_lolimit = 0xffff; 935 desc.sd.sd_hilimit = 0xf; 936 desc.sd.sd_lobase = lcall_addr; 937 desc.sd.sd_hibase = lcall_addr >> 24; 938 i386_set_ldt(curthread, &uap, &desc); 939 } 940 #endif 941 942 /* 943 * Reset registers to default values on exec. 944 */ 945 void 946 exec_setregs(struct thread *td, struct image_params *imgp, uintptr_t stack) 947 { 948 struct trapframe *regs; 949 struct pcb *pcb; 950 register_t saved_eflags; 951 952 regs = td->td_frame; 953 pcb = td->td_pcb; 954 955 /* Reset pc->pcb_gs and %gs before possibly invalidating it. */ 956 pcb->pcb_gs = _udatasel; 957 load_gs(_udatasel); 958 959 mtx_lock_spin(&dt_lock); 960 if (td->td_proc->p_md.md_ldt != NULL) 961 user_ldt_free(td); 962 else 963 mtx_unlock_spin(&dt_lock); 964 965 #ifdef COMPAT_43 966 if (td->td_proc->p_sysent->sv_psstrings != 967 elf32_freebsd_sysvec.sv_psstrings) 968 setup_priv_lcall_gate(td->td_proc); 969 #endif 970 971 /* 972 * Reset the fs and gs bases. The values from the old address 973 * space do not make sense for the new program. In particular, 974 * gsbase might be the TLS base for the old program but the new 975 * program has no TLS now. 976 */ 977 set_fsbase(td, 0); 978 set_gsbase(td, 0); 979 980 /* Make sure edx is 0x0 on entry. Linux binaries depend on it. */ 981 saved_eflags = regs->tf_eflags & PSL_T; 982 bzero((char *)regs, sizeof(struct trapframe)); 983 regs->tf_eip = imgp->entry_addr; 984 regs->tf_esp = stack; 985 regs->tf_eflags = PSL_USER | saved_eflags; 986 regs->tf_ss = _udatasel; 987 regs->tf_ds = _udatasel; 988 regs->tf_es = _udatasel; 989 regs->tf_fs = _udatasel; 990 regs->tf_cs = _ucodesel; 991 992 /* PS_STRINGS value for BSD/OS binaries. It is 0 for non-BSD/OS. */ 993 regs->tf_ebx = (register_t)imgp->ps_strings; 994 995 x86_clear_dbregs(pcb); 996 997 pcb->pcb_initial_npxcw = __INITIAL_NPXCW__; 998 999 /* 1000 * Drop the FP state if we hold it, so that the process gets a 1001 * clean FP state if it uses the FPU again. 1002 */ 1003 fpstate_drop(td); 1004 } 1005 1006 int 1007 fill_regs(struct thread *td, struct reg *regs) 1008 { 1009 struct pcb *pcb; 1010 struct trapframe *tp; 1011 1012 tp = td->td_frame; 1013 pcb = td->td_pcb; 1014 regs->r_gs = pcb->pcb_gs; 1015 return (fill_frame_regs(tp, regs)); 1016 } 1017 1018 int 1019 fill_frame_regs(struct trapframe *tp, struct reg *regs) 1020 { 1021 1022 regs->r_fs = tp->tf_fs; 1023 regs->r_es = tp->tf_es; 1024 regs->r_ds = tp->tf_ds; 1025 regs->r_edi = tp->tf_edi; 1026 regs->r_esi = tp->tf_esi; 1027 regs->r_ebp = tp->tf_ebp; 1028 regs->r_ebx = tp->tf_ebx; 1029 regs->r_edx = tp->tf_edx; 1030 regs->r_ecx = tp->tf_ecx; 1031 regs->r_eax = tp->tf_eax; 1032 regs->r_eip = tp->tf_eip; 1033 regs->r_cs = tp->tf_cs; 1034 regs->r_eflags = tp->tf_eflags; 1035 regs->r_esp = tp->tf_esp; 1036 regs->r_ss = tp->tf_ss; 1037 regs->r_err = 0; 1038 regs->r_trapno = 0; 1039 return (0); 1040 } 1041 1042 int 1043 set_regs(struct thread *td, struct reg *regs) 1044 { 1045 struct pcb *pcb; 1046 struct trapframe *tp; 1047 1048 tp = td->td_frame; 1049 if (!EFL_SECURE(regs->r_eflags, tp->tf_eflags) || 1050 !CS_SECURE(regs->r_cs)) 1051 return (EINVAL); 1052 pcb = td->td_pcb; 1053 tp->tf_fs = regs->r_fs; 1054 tp->tf_es = regs->r_es; 1055 tp->tf_ds = regs->r_ds; 1056 tp->tf_edi = regs->r_edi; 1057 tp->tf_esi = regs->r_esi; 1058 tp->tf_ebp = regs->r_ebp; 1059 tp->tf_ebx = regs->r_ebx; 1060 tp->tf_edx = regs->r_edx; 1061 tp->tf_ecx = regs->r_ecx; 1062 tp->tf_eax = regs->r_eax; 1063 tp->tf_eip = regs->r_eip; 1064 tp->tf_cs = regs->r_cs; 1065 tp->tf_eflags = regs->r_eflags; 1066 tp->tf_esp = regs->r_esp; 1067 tp->tf_ss = regs->r_ss; 1068 pcb->pcb_gs = regs->r_gs; 1069 return (0); 1070 } 1071 1072 int 1073 fill_fpregs(struct thread *td, struct fpreg *fpregs) 1074 { 1075 1076 KASSERT(td == curthread || TD_IS_SUSPENDED(td) || 1077 P_SHOULDSTOP(td->td_proc), 1078 ("not suspended thread %p", td)); 1079 npxgetregs(td); 1080 if (cpu_fxsr) 1081 npx_fill_fpregs_xmm(&get_pcb_user_save_td(td)->sv_xmm, 1082 (struct save87 *)fpregs); 1083 else 1084 bcopy(&get_pcb_user_save_td(td)->sv_87, fpregs, 1085 sizeof(*fpregs)); 1086 return (0); 1087 } 1088 1089 int 1090 set_fpregs(struct thread *td, struct fpreg *fpregs) 1091 { 1092 1093 critical_enter(); 1094 if (cpu_fxsr) 1095 npx_set_fpregs_xmm((struct save87 *)fpregs, 1096 &get_pcb_user_save_td(td)->sv_xmm); 1097 else 1098 bcopy(fpregs, &get_pcb_user_save_td(td)->sv_87, 1099 sizeof(*fpregs)); 1100 npxuserinited(td); 1101 critical_exit(); 1102 return (0); 1103 } 1104 1105 /* 1106 * Get machine context. 1107 */ 1108 int 1109 get_mcontext(struct thread *td, mcontext_t *mcp, int flags) 1110 { 1111 struct trapframe *tp; 1112 struct segment_descriptor *sdp; 1113 1114 tp = td->td_frame; 1115 1116 PROC_LOCK(curthread->td_proc); 1117 mcp->mc_onstack = sigonstack(tp->tf_esp); 1118 PROC_UNLOCK(curthread->td_proc); 1119 mcp->mc_gs = td->td_pcb->pcb_gs; 1120 mcp->mc_fs = tp->tf_fs; 1121 mcp->mc_es = tp->tf_es; 1122 mcp->mc_ds = tp->tf_ds; 1123 mcp->mc_edi = tp->tf_edi; 1124 mcp->mc_esi = tp->tf_esi; 1125 mcp->mc_ebp = tp->tf_ebp; 1126 mcp->mc_isp = tp->tf_isp; 1127 mcp->mc_eflags = tp->tf_eflags; 1128 if (flags & GET_MC_CLEAR_RET) { 1129 mcp->mc_eax = 0; 1130 mcp->mc_edx = 0; 1131 mcp->mc_eflags &= ~PSL_C; 1132 } else { 1133 mcp->mc_eax = tp->tf_eax; 1134 mcp->mc_edx = tp->tf_edx; 1135 } 1136 mcp->mc_ebx = tp->tf_ebx; 1137 mcp->mc_ecx = tp->tf_ecx; 1138 mcp->mc_eip = tp->tf_eip; 1139 mcp->mc_cs = tp->tf_cs; 1140 mcp->mc_esp = tp->tf_esp; 1141 mcp->mc_ss = tp->tf_ss; 1142 mcp->mc_len = sizeof(*mcp); 1143 get_fpcontext(td, mcp, NULL, 0); 1144 sdp = &td->td_pcb->pcb_fsd; 1145 mcp->mc_fsbase = sdp->sd_hibase << 24 | sdp->sd_lobase; 1146 sdp = &td->td_pcb->pcb_gsd; 1147 mcp->mc_gsbase = sdp->sd_hibase << 24 | sdp->sd_lobase; 1148 mcp->mc_flags = 0; 1149 mcp->mc_xfpustate = 0; 1150 mcp->mc_xfpustate_len = 0; 1151 bzero(mcp->mc_spare2, sizeof(mcp->mc_spare2)); 1152 return (0); 1153 } 1154 1155 /* 1156 * Set machine context. 1157 * 1158 * However, we don't set any but the user modifiable flags, and we won't 1159 * touch the cs selector. 1160 */ 1161 int 1162 set_mcontext(struct thread *td, mcontext_t *mcp) 1163 { 1164 struct trapframe *tp; 1165 char *xfpustate; 1166 int eflags, ret; 1167 1168 tp = td->td_frame; 1169 if (mcp->mc_len != sizeof(*mcp) || 1170 (mcp->mc_flags & ~_MC_FLAG_MASK) != 0) 1171 return (EINVAL); 1172 eflags = (mcp->mc_eflags & PSL_USERCHANGE) | 1173 (tp->tf_eflags & ~PSL_USERCHANGE); 1174 if (mcp->mc_flags & _MC_HASFPXSTATE) { 1175 if (mcp->mc_xfpustate_len > cpu_max_ext_state_size - 1176 sizeof(union savefpu)) 1177 return (EINVAL); 1178 xfpustate = __builtin_alloca(mcp->mc_xfpustate_len); 1179 ret = copyin((void *)mcp->mc_xfpustate, xfpustate, 1180 mcp->mc_xfpustate_len); 1181 if (ret != 0) 1182 return (ret); 1183 } else 1184 xfpustate = NULL; 1185 ret = set_fpcontext(td, mcp, xfpustate, mcp->mc_xfpustate_len); 1186 if (ret != 0) 1187 return (ret); 1188 tp->tf_fs = mcp->mc_fs; 1189 tp->tf_es = mcp->mc_es; 1190 tp->tf_ds = mcp->mc_ds; 1191 tp->tf_edi = mcp->mc_edi; 1192 tp->tf_esi = mcp->mc_esi; 1193 tp->tf_ebp = mcp->mc_ebp; 1194 tp->tf_ebx = mcp->mc_ebx; 1195 tp->tf_edx = mcp->mc_edx; 1196 tp->tf_ecx = mcp->mc_ecx; 1197 tp->tf_eax = mcp->mc_eax; 1198 tp->tf_eip = mcp->mc_eip; 1199 tp->tf_eflags = eflags; 1200 tp->tf_esp = mcp->mc_esp; 1201 tp->tf_ss = mcp->mc_ss; 1202 td->td_pcb->pcb_gs = mcp->mc_gs; 1203 return (0); 1204 } 1205 1206 static void 1207 get_fpcontext(struct thread *td, mcontext_t *mcp, char *xfpusave, 1208 size_t xfpusave_len) 1209 { 1210 size_t max_len, len; 1211 1212 mcp->mc_ownedfp = npxgetregs(td); 1213 bcopy(get_pcb_user_save_td(td), &mcp->mc_fpstate[0], 1214 sizeof(mcp->mc_fpstate)); 1215 mcp->mc_fpformat = npxformat(); 1216 if (!use_xsave || xfpusave_len == 0) 1217 return; 1218 max_len = cpu_max_ext_state_size - sizeof(union savefpu); 1219 len = xfpusave_len; 1220 if (len > max_len) { 1221 len = max_len; 1222 bzero(xfpusave + max_len, len - max_len); 1223 } 1224 mcp->mc_flags |= _MC_HASFPXSTATE; 1225 mcp->mc_xfpustate_len = len; 1226 bcopy(get_pcb_user_save_td(td) + 1, xfpusave, len); 1227 } 1228 1229 static int 1230 set_fpcontext(struct thread *td, mcontext_t *mcp, char *xfpustate, 1231 size_t xfpustate_len) 1232 { 1233 int error; 1234 1235 if (mcp->mc_fpformat == _MC_FPFMT_NODEV) 1236 return (0); 1237 else if (mcp->mc_fpformat != _MC_FPFMT_387 && 1238 mcp->mc_fpformat != _MC_FPFMT_XMM) 1239 return (EINVAL); 1240 else if (mcp->mc_ownedfp == _MC_FPOWNED_NONE) { 1241 /* We don't care what state is left in the FPU or PCB. */ 1242 fpstate_drop(td); 1243 error = 0; 1244 } else if (mcp->mc_ownedfp == _MC_FPOWNED_FPU || 1245 mcp->mc_ownedfp == _MC_FPOWNED_PCB) { 1246 error = npxsetregs(td, (union savefpu *)&mcp->mc_fpstate, 1247 xfpustate, xfpustate_len); 1248 } else 1249 return (EINVAL); 1250 return (error); 1251 } 1252 1253 static void 1254 fpstate_drop(struct thread *td) 1255 { 1256 1257 KASSERT(PCB_USER_FPU(td->td_pcb), ("fpstate_drop: kernel-owned fpu")); 1258 critical_enter(); 1259 if (PCPU_GET(fpcurthread) == td) 1260 npxdrop(); 1261 /* 1262 * XXX force a full drop of the npx. The above only drops it if we 1263 * owned it. npxgetregs() has the same bug in the !cpu_fxsr case. 1264 * 1265 * XXX I don't much like npxgetregs()'s semantics of doing a full 1266 * drop. Dropping only to the pcb matches fnsave's behaviour. 1267 * We only need to drop to !PCB_INITDONE in sendsig(). But 1268 * sendsig() is the only caller of npxgetregs()... perhaps we just 1269 * have too many layers. 1270 */ 1271 curthread->td_pcb->pcb_flags &= ~(PCB_NPXINITDONE | 1272 PCB_NPXUSERINITDONE); 1273 critical_exit(); 1274 } 1275 1276 int 1277 fill_dbregs(struct thread *td, struct dbreg *dbregs) 1278 { 1279 struct pcb *pcb; 1280 1281 if (td == NULL) { 1282 dbregs->dr[0] = rdr0(); 1283 dbregs->dr[1] = rdr1(); 1284 dbregs->dr[2] = rdr2(); 1285 dbregs->dr[3] = rdr3(); 1286 dbregs->dr[6] = rdr6(); 1287 dbregs->dr[7] = rdr7(); 1288 } else { 1289 pcb = td->td_pcb; 1290 dbregs->dr[0] = pcb->pcb_dr0; 1291 dbregs->dr[1] = pcb->pcb_dr1; 1292 dbregs->dr[2] = pcb->pcb_dr2; 1293 dbregs->dr[3] = pcb->pcb_dr3; 1294 dbregs->dr[6] = pcb->pcb_dr6; 1295 dbregs->dr[7] = pcb->pcb_dr7; 1296 } 1297 dbregs->dr[4] = 0; 1298 dbregs->dr[5] = 0; 1299 return (0); 1300 } 1301 1302 int 1303 set_dbregs(struct thread *td, struct dbreg *dbregs) 1304 { 1305 struct pcb *pcb; 1306 int i; 1307 1308 if (td == NULL) { 1309 load_dr0(dbregs->dr[0]); 1310 load_dr1(dbregs->dr[1]); 1311 load_dr2(dbregs->dr[2]); 1312 load_dr3(dbregs->dr[3]); 1313 load_dr6(dbregs->dr[6]); 1314 load_dr7(dbregs->dr[7]); 1315 } else { 1316 /* 1317 * Don't let an illegal value for dr7 get set. Specifically, 1318 * check for undefined settings. Setting these bit patterns 1319 * result in undefined behaviour and can lead to an unexpected 1320 * TRCTRAP. 1321 */ 1322 for (i = 0; i < 4; i++) { 1323 if (DBREG_DR7_ACCESS(dbregs->dr[7], i) == 0x02) 1324 return (EINVAL); 1325 if (DBREG_DR7_LEN(dbregs->dr[7], i) == 0x02) 1326 return (EINVAL); 1327 } 1328 1329 pcb = td->td_pcb; 1330 1331 /* 1332 * Don't let a process set a breakpoint that is not within the 1333 * process's address space. If a process could do this, it 1334 * could halt the system by setting a breakpoint in the kernel 1335 * (if ddb was enabled). Thus, we need to check to make sure 1336 * that no breakpoints are being enabled for addresses outside 1337 * process's address space. 1338 * 1339 * XXX - what about when the watched area of the user's 1340 * address space is written into from within the kernel 1341 * ... wouldn't that still cause a breakpoint to be generated 1342 * from within kernel mode? 1343 */ 1344 1345 if (DBREG_DR7_ENABLED(dbregs->dr[7], 0)) { 1346 /* dr0 is enabled */ 1347 if (dbregs->dr[0] >= VM_MAXUSER_ADDRESS) 1348 return (EINVAL); 1349 } 1350 1351 if (DBREG_DR7_ENABLED(dbregs->dr[7], 1)) { 1352 /* dr1 is enabled */ 1353 if (dbregs->dr[1] >= VM_MAXUSER_ADDRESS) 1354 return (EINVAL); 1355 } 1356 1357 if (DBREG_DR7_ENABLED(dbregs->dr[7], 2)) { 1358 /* dr2 is enabled */ 1359 if (dbregs->dr[2] >= VM_MAXUSER_ADDRESS) 1360 return (EINVAL); 1361 } 1362 1363 if (DBREG_DR7_ENABLED(dbregs->dr[7], 3)) { 1364 /* dr3 is enabled */ 1365 if (dbregs->dr[3] >= VM_MAXUSER_ADDRESS) 1366 return (EINVAL); 1367 } 1368 1369 pcb->pcb_dr0 = dbregs->dr[0]; 1370 pcb->pcb_dr1 = dbregs->dr[1]; 1371 pcb->pcb_dr2 = dbregs->dr[2]; 1372 pcb->pcb_dr3 = dbregs->dr[3]; 1373 pcb->pcb_dr6 = dbregs->dr[6]; 1374 pcb->pcb_dr7 = dbregs->dr[7]; 1375 1376 pcb->pcb_flags |= PCB_DBREGS; 1377 } 1378 1379 return (0); 1380 } 1381 1382 /* 1383 * Return > 0 if a hardware breakpoint has been hit, and the 1384 * breakpoint was in user space. Return 0, otherwise. 1385 */ 1386 int 1387 user_dbreg_trap(register_t dr6) 1388 { 1389 u_int32_t dr7; 1390 u_int32_t bp; /* breakpoint bits extracted from dr6 */ 1391 int nbp; /* number of breakpoints that triggered */ 1392 caddr_t addr[4]; /* breakpoint addresses */ 1393 int i; 1394 1395 bp = dr6 & DBREG_DR6_BMASK; 1396 if (bp == 0) { 1397 /* 1398 * None of the breakpoint bits are set meaning this 1399 * trap was not caused by any of the debug registers 1400 */ 1401 return (0); 1402 } 1403 1404 dr7 = rdr7(); 1405 if ((dr7 & 0x000000ff) == 0) { 1406 /* 1407 * all GE and LE bits in the dr7 register are zero, 1408 * thus the trap couldn't have been caused by the 1409 * hardware debug registers 1410 */ 1411 return (0); 1412 } 1413 1414 nbp = 0; 1415 1416 /* 1417 * at least one of the breakpoints were hit, check to see 1418 * which ones and if any of them are user space addresses 1419 */ 1420 1421 if (bp & 0x01) { 1422 addr[nbp++] = (caddr_t)rdr0(); 1423 } 1424 if (bp & 0x02) { 1425 addr[nbp++] = (caddr_t)rdr1(); 1426 } 1427 if (bp & 0x04) { 1428 addr[nbp++] = (caddr_t)rdr2(); 1429 } 1430 if (bp & 0x08) { 1431 addr[nbp++] = (caddr_t)rdr3(); 1432 } 1433 1434 for (i = 0; i < nbp; i++) { 1435 if (addr[i] < (caddr_t)VM_MAXUSER_ADDRESS) { 1436 /* 1437 * addr[i] is in user space 1438 */ 1439 return (nbp); 1440 } 1441 } 1442 1443 /* 1444 * None of the breakpoints are in user space. 1445 */ 1446 return (0); 1447 } 1448