WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] Re: 32bit binaries on x86_64/Xen segfaults in syscall-vdso

from [Jeremy Fitzhardinge] [Permanent Link][Original]
To: Bastian Blank <waldi@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxx, 544145@xxxxxxxxxxxxxxx, Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Subject: [Xen-devel] Re: 32bit binaries on x86_64/Xen segfaults in syscall-vdso
From: Jeremy Fitzhardinge <jeremy@xxxxxxxx>
Date: Fri, 04 Sep 2009 09:07:39 -0700
Cc:
Delivery-date: Fri, 04 Sep 2009 09:08:00 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20090903223603.GA19945@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <20090830181637.GA7155@xxxxxxxxxxxxxxxxxxxxxxx> <4AA02C57.30106@xxxxxxxx> <20090903220252.GA19309@xxxxxxxxxxxxxxxxxxxxxxx> <4AA03DE8.40706@xxxxxxxx> <20090903223603.GA19945@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.1) Gecko/20090814 Fedora/3.0-2.6.b3.fc11 Lightning/1.0pre Thunderbird/3.0b3 
On 09/03/09 15:36, Bastian Blank wrote:
> This function looks weird. It tries to restores the user code segment.
> But the documentation from AMD explicitely stat that the CS and SS are
> restored from the STAR register.

And STAR is always set with:

    wrmsrl(MSR_STAR,  ((u64)__USER32_CS)<<48  | ((u64)__KERNEL_CS)<<32);

so when using sysret to return to 32-bit, it:

    The CS selector value is set to MSR IA32_STAR[63:48]. The SS is set
    to IA32_STAR[63:48] + 8.

so CS is __USER32_CS and SS is __USER32_DS.

The code for xen_sysret32 is:

ENTRY(xen_sysret32)
        /*
         * We're already on the usermode stack at this point, but
         * still with the kernel gs, so we can easily switch back
         */
        movq %rsp, PER_CPU_VAR(old_rsp)
        movq PER_CPU_VAR(kernel_stack), %rsp

        pushq $__USER32_DS
        pushq PER_CPU_VAR(old_rsp)
        pushq %r11
        pushq $__USER32_CS
        pushq %rcx

        pushq $VGCF_in_syscall
1:      jmp hypercall_iret

The iret frame is:

        ss
        rsp
        rflags
        cs
        rip             <-- rsp

so this constructs a frame of:

        __USER32_DS
        user_esp
        user_eflags
        __USER32_CS
        user_eip        <-- kernel rsp

and then it does the iret hypercall.

But for some reason that's triggering a failsafe callback, which invokes
a GP.

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] RE: rdtsc: correctness vs performance on Xen (and KVM?), Jeremy Fitzhardinge
Next by Date:  Re: [Xen-devel] anyone using pvusb?, Neobiker
Previous by Thread:  [Xen-devel] Re: 32bit binaries on x86_64/Xen segfaults in syscall-vdso, Jeremy Fitzhardinge
Next by Thread:  [Xen-devel] Re: 32bit binaries on x86_64/Xen segfaults in syscall-vdso, Jeremy Fitzhardinge
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy