Author: kib
Date: Tue Dec 16 18:28:33 2014
New Revision: 275833
URL: https://svnweb.freebsd.org/changeset/base/275833
Log:
The iret instruction may generate #np and #ss fault, besides #gp.
When returning to usermode, the handler for that exceptions is also
executed with wrong gs base. Handle all three possible faults in the
same way, checking for iret fault, and performing full iret.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Modified:
head/sys/amd64/amd64/exception.S
Modified: head/sys/amd64/amd64/exception.S
==============================================================================
--- head/sys/amd64/amd64/exception.S Tue Dec 16 17:59:05 2014
(r275832)
+++ head/sys/amd64/amd64/exception.S Tue Dec 16 18:28:33 2014
(r275833)
@@ -153,9 +153,13 @@ IDTVEC(xmm)
IDTVEC(tss)
TRAP_ERR(T_TSSFLT)
IDTVEC(missing)
- TRAP_ERR(T_SEGNPFLT)
+ subq $TF_ERR,%rsp
+ movl $T_SEGNPFLT,TF_TRAPNO(%rsp)
+ jmp prot_addrf
IDTVEC(stk)
- TRAP_ERR(T_STKFLT)
+ subq $TF_ERR,%rsp
+ movl $T_STKFLT,TF_TRAPNO(%rsp)
+ jmp prot_addrf
IDTVEC(align)
TRAP_ERR(T_ALIGNFLT)
@@ -318,6 +322,7 @@ IDTVEC(page)
IDTVEC(prot)
subq $TF_ERR,%rsp
movl $T_PROTFLT,TF_TRAPNO(%rsp)
+prot_addrf:
movq $0,TF_ADDR(%rsp)
movq %rdi,TF_RDI(%rsp) /* free up a GP register */
leaq doreti_iret(%rip),%rdi
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
