Changeset 21373712 in mainline

Timestamp:

2014-11-19T22:16:11Z (9 years ago)

Author:

Jakub Jermar <jakub@…>

Branches:

lfn, master, serial

Children:

759ea0d

Parents:

3349e7d

Message:

Spill uspace windows to uspace wbuf in PREEMPTIBLE_HANDLER_KERNEL

PREEMPTIBLE_HANDLER_KERNEL checks the value of the CANSAVE register to
see whether the imminent SAVE instruction would generate a window spill
trap or not. If CANSAVE is zero, it uses the INLINE_SPILL macro to spill
a register window without generating the spill trap. INLINE_SPILL
assumes a kernel window, but it is also possible to have a uspace window
at this point. In this case, INLINE_SPILL will wrongly interpret the
window's uspace stack address as a kernel stack address, leading to a
random memory corruption.

It is therefore necessary to also check the value in the OTHERWIN
register to see whether the spilled window would be a uspace window. In
such case, INLINE_SPILL_TO_WBUF needs to be used instead of INLINE_SPILL
to spill the uspace window to the uspace window buffer.

File:

• kernel/arch/sparc64/src/trap/sun4v/trap_table.S (modified) (1 diff)

kernel/arch/sparc64/src/trap/sun4v/trap_table.S

@@ -897 +897 @@
         brnz %g3, 2f
         nop
+        rdpr %otherwin, %g4
+        brnz %g4, 1f
+        nop
+
+        /* OTHERWIN is zero, we are spilling a kernel window. */
         INLINE_SPILL %g3, %g4
+        ba,a %xcc, 2f
+
+1:
+        /* OTHERWIN is non-zero, we are spilling a uspace window. */
+        INLINE_SPILL_TO_WBUF %g3, %g4, %g7
 
 2: