![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to trap.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / osfmk / i386|
Return to trap.c CVS log | Up to [Apple XNU] / XNU / osfmk / i386 |
1.1 root 1: /*
2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3: *
4: * @APPLE_LICENSE_HEADER_START@
5: *
6: * The contents of this file constitute Original Code as defined in and
7: * are subject to the Apple Public Source License Version 1.1 (the
8: * "License"). You may not use this file except in compliance with the
9: * License. Please obtain a copy of the License at
10: * http://www.apple.com/publicsource and read it before using this file.
11: *
12: * This Original Code and all software distributed under the License are
13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17: * License for the specific language governing rights and limitations
18: * under the License.
19: *
20: * @APPLE_LICENSE_HEADER_END@
21: */
22: /*
23: * @OSF_COPYRIGHT@
24: */
25: /*
26: * Mach Operating System
27: * Copyright (c) 1991,1990,1989,1988 Carnegie Mellon University
28: * All Rights Reserved.
29: *
30: * Permission to use, copy, modify and distribute this software and its
31: * documentation is hereby granted, provided that both the copyright
32: * notice and this permission notice appear in all copies of the
33: * software, derivative works or modified versions, and any portions
34: * thereof, and that both notices appear in supporting documentation.
35: *
36: * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
37: * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
38: * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
39: *
40: * Carnegie Mellon requests users of this software to return to
41: *
42: * Software Distribution Coordinator or [email protected]
43: * School of Computer Science
44: * Carnegie Mellon University
45: * Pittsburgh PA 15213-3890
46: *
47: * any improvements or extensions that they make and grant Carnegie Mellon
48: * the rights to redistribute these changes.
49: */
50: /*
51: */
52: /*
53: * Hardware trap/fault handler.
54: */
55:
56: #include <cpus.h>
57: #include <fast_idle.h>
58: #include <mach_kdb.h>
59: #include <mach_kgdb.h>
60: #include <mach_kdp.h>
61: #include <mach_ldebug.h>
62:
63: #include <types.h>
64: #include <i386/eflags.h>
65: #include <i386/trap.h>
66: #include <i386/pmap.h>
67: #include <i386/fpu.h>
68:
69: #include <mach/exception.h>
70: #include <mach/kern_return.h>
71: #include <mach/vm_param.h>
72: #include <mach/i386/thread_status.h>
73:
74: #include <vm/vm_kern.h>
75: #include <vm/vm_fault.h>
76:
77: #include <kern/etap_macros.h>
78: #include <kern/kern_types.h>
79: #include <kern/ast.h>
80: #include <kern/thread.h>
81: #include <kern/task.h>
82: #include <kern/sched.h>
83: #include <kern/sched_prim.h>
84: #include <kern/exception.h>
85: #include <kern/spl.h>
86: #include <kern/misc_protos.h>
87:
88: #if MACH_KGDB
89: #include <kgdb/kgdb_defs.h>
90: #endif /* MACH_KGDB */
91:
92: #include <i386/intel_read_fault.h>
93:
94: #if MACH_KGDB
95: #include <kgdb/kgdb_defs.h>
96: #endif /* MACH_KGDB */
97:
98: #if MACH_KDB
99: #include <ddb/db_watch.h>
100: #include <ddb/db_run.h>
101: #include <ddb/db_break.h>
102: #include <ddb/db_trap.h>
103: #endif /* MACH_KDB */
104:
105: #include <string.h>
106:
107: #include <i386/io_emulate.h>
108:
109: /*
110: * Forward declarations
111: */
112: extern void user_page_fault_continue(
113: kern_return_t kr);
114:
115: extern boolean_t v86_assist(
116: thread_t thread,
117: struct i386_saved_state *regs);
118:
119: extern boolean_t check_io_fault(
120: struct i386_saved_state *regs);
121:
122: extern int inst_fetch(
123: int eip,
124: int cs);
125:
126: #if MACH_KDB
127: boolean_t debug_all_traps_with_kdb = FALSE;
128: extern struct db_watchpoint *db_watchpoint_list;
129: extern boolean_t db_watchpoints_inserted;
130: extern boolean_t db_breakpoints_inserted;
131:
132: void
133: thread_kdb_return(void)
134: {
135: register thread_act_t thr_act = current_act();
136: register thread_t cur_thr = current_thread();
137: register struct i386_saved_state *regs = USER_REGS(thr_act);
138:
139: if (kdb_trap(regs->trapno, regs->err, regs)) {
140: #if MACH_LDEBUG
141: assert(cur_thr->mutex_count == 0);
142: #endif /* MACH_LDEBUG */
143: check_simple_locks();
144: thread_exception_return();
145: /*NOTREACHED*/
146: }
147: }
148: boolean_t let_ddb_vm_fault = FALSE;
149:
150: #if NCPUS > 1
151: extern int kdb_active[NCPUS];
152: #endif /* NCPUS > 1 */
153:
154: #endif /* MACH_KDB */
155:
156: void
157: user_page_fault_continue(
158: kern_return_t kr)
159: {
160: register thread_act_t thr_act = current_act();
161: register thread_t cur_thr = current_thread();
162: register struct i386_saved_state *regs = USER_REGS(thr_act);
163:
164: if (kr == KERN_SUCCESS) {
165: #if MACH_KDB
166: if (!db_breakpoints_inserted) {
167: db_set_breakpoints();
168: }
169: if (db_watchpoint_list &&
170: db_watchpoints_inserted &&
171: (regs->err & T_PF_WRITE) &&
172: db_find_watchpoint(thr_act->map,
173: (vm_offset_t)regs->cr2,
174: regs))
175: kdb_trap(T_WATCHPOINT, 0, regs);
176: #endif /* MACH_KDB */
177: thread_exception_return();
178: /*NOTREACHED*/
179: }
180:
181: #if MACH_KDB
182: if (debug_all_traps_with_kdb &&
183: kdb_trap(regs->trapno, regs->err, regs)) {
184: #if MACH_LDEBUG
185: assert(cur_thr->mutex_count == 0);
186: #endif /* MACH_LDEBUG */
187: check_simple_locks();
188: thread_exception_return();
189: /*NOTREACHED*/
190: }
191: #endif /* MACH_KDB */
192:
193: i386_exception(EXC_BAD_ACCESS, kr, regs->cr2);
194: /*NOTREACHED*/
195: }
196:
197: /*
198: * Fault recovery in copyin/copyout routines.
199: */
200: struct recovery {
201: int fault_addr;
202: int recover_addr;
203: };
204:
205: extern struct recovery recover_table[];
206: extern struct recovery recover_table_end[];
207:
208: /*
209: * Recovery from Successful fault in copyout does not
210: * return directly - it retries the pte check, since
211: * the 386 ignores write protection in kernel mode.
212: */
213: extern struct recovery retry_table[];
214: extern struct recovery retry_table_end[];
215:
216: char * trap_type[] = {TRAP_NAMES};
217: int TRAP_TYPES = sizeof(trap_type)/sizeof(trap_type[0]);
218:
219: /*
220: * Trap from kernel mode. Only page-fault errors are recoverable,
221: * and then only in special circumstances. All other errors are
222: * fatal. Return value indicates if trap was handled.
223: */
224: boolean_t
225: kernel_trap(
226: register struct i386_saved_state *regs)
227: {
228: int exc;
229: int code;
230: int subcode;
231: register int type;
232: vm_map_t map;
233: kern_return_t result;
234: register thread_t thread;
235: thread_act_t thr_act;
236: etap_data_t probe_data;
237: pt_entry_t *pte;
238: extern vm_offset_t vm_last_phys;
239:
240: type = regs->trapno;
241: code = regs->err;
242: thread = current_thread();
243: thr_act = current_act();
244:
245: ETAP_DATA_LOAD(probe_data[0], regs->trapno);
246: ETAP_DATA_LOAD(probe_data[1], MACH_PORT_NULL);
247: ETAP_DATA_LOAD(probe_data[2], MACH_PORT_NULL);
248: ETAP_PROBE_DATA(ETAP_P_EXCEPTION,
249: 0,
250: thread,
251: &probe_data,
252: ETAP_DATA_ENTRY*3);
253:
254: switch (type) {
255: case T_PREEMPT:
256: return (TRUE);
257:
258: case T_NO_FPU:
259: fpnoextflt();
260: return (TRUE);
261:
262: case T_FPU_FAULT:
263: fpextovrflt();
264: return (TRUE);
265:
266: case T_FLOATING_POINT_ERROR:
267: fpexterrflt();
268: return (TRUE);
269:
270: case T_PAGE_FAULT:
271: /*
272: * If the current map is a submap of the kernel map,
273: * and the address is within that map, fault on that
274: * map. If the same check is done in vm_fault
275: * (vm_map_lookup), we may deadlock on the kernel map
276: * lock.
277: */
278: #if MACH_KDB
279: mp_disable_preemption();
280: if (db_active
281: #if NCPUS > 1
282: && kdb_active[cpu_number()]
283: #endif /* NCPUS > 1 */
284: && !let_ddb_vm_fault) {
285: /*
286: * Force kdb to handle this one.
287: */
288: mp_enable_preemption();
289: return (FALSE);
290: }
291: mp_enable_preemption();
292: #endif /* MACH_KDB */
293: subcode = regs->cr2; /* get faulting address */
294:
295: if (subcode > LINEAR_KERNEL_ADDRESS) {
296: map = kernel_map;
297: subcode -= LINEAR_KERNEL_ADDRESS;
298: } else if (thr_act == THR_ACT_NULL || thread == THREAD_NULL)
299: map = kernel_map;
300: else {
301: map = thr_act->map;
302: }
303:
304: #if MACH_KDB
305: /*
306: * Check for watchpoint on kernel static data.
307: * vm_fault would fail in this case
308: */
309: if (map == kernel_map &&
310: db_watchpoint_list &&
311: db_watchpoints_inserted &&
312: (code & T_PF_WRITE) &&
313: (vm_offset_t)subcode < vm_last_phys &&
314: ((*(pte = pmap_pte(kernel_pmap, (vm_offset_t)subcode))) &
315: INTEL_PTE_WRITE) == 0) {
316: *pte = INTEL_PTE_VALID | INTEL_PTE_WRITE |
317: pa_to_pte(trunc_page((vm_offset_t)subcode) -
318: VM_MIN_KERNEL_ADDRESS);
319: result = KERN_SUCCESS;
320: } else
321: #endif /* MACH_KDB */
322: {
323: /*
324: * Since the 386 ignores write protection in
325: * kernel mode, always try for write permission
326: * first. If that fails and the fault was a
327: * read fault, retry with read permission.
328: */
329: result = vm_fault(map,
330: trunc_page((vm_offset_t)subcode),
331: VM_PROT_READ|VM_PROT_WRITE,
332: FALSE);
333: }
334: #if MACH_KDB
335: if (result == KERN_SUCCESS) {
336: /* Look for watchpoints */
337: if (db_watchpoint_list &&
338: db_watchpoints_inserted &&
339: (code & T_PF_WRITE) &&
340: db_find_watchpoint(map,
341: (vm_offset_t)subcode, regs))
342: kdb_trap(T_WATCHPOINT, 0, regs);
343: }
344: else
345: #endif /* MACH_KDB */
346: if ((code & T_PF_WRITE) == 0 &&
347: result == KERN_PROTECTION_FAILURE)
348: {
349: /*
350: * Must expand vm_fault by hand,
351: * so that we can ask for read-only access
352: * but enter a (kernel)writable mapping.
353: */
354: result = intel_read_fault(map,
355: trunc_page((vm_offset_t)subcode));
356: }
357:
358: if (result == KERN_SUCCESS) {
359: /*
360: * Certain faults require that we back up
361: * the EIP.
362: */
363: register struct recovery *rp;
364:
365: for (rp = retry_table; rp < retry_table_end; rp++) {
366: if (regs->eip == rp->fault_addr) {
367: regs->eip = rp->recover_addr;
368: break;
369: }
370: }
371: return (TRUE);
372: }
373:
374: /* fall through */
375:
376: case T_GENERAL_PROTECTION:
377:
378: /*
379: * If there is a failure recovery address
380: * for this fault, go there.
381: */
382: {
383: register struct recovery *rp;
384:
385: for (rp = recover_table;
386: rp < recover_table_end;
387: rp++) {
388: if (regs->eip == rp->fault_addr) {
389: regs->eip = rp->recover_addr;
390: return (TRUE);
391: }
392: }
393: }
394:
395: /*
396: * Check thread recovery address also -
397: * v86 assist uses it.
398: */
399: if (thread->recover) {
400: regs->eip = thread->recover;
401: thread->recover = 0;
402: return (TRUE);
403: }
404:
405: /*
406: * Unanticipated page-fault errors in kernel
407: * should not happen.
408: */
409: /* fall through... */
410:
411: default:
412: /*
413: * ...and return failure, so that locore can call into
414: * debugger.
415: */
416: #if MACH_KDP
417: kdp_i386_trap(type, regs, result, regs->cr2);
418: #endif
419: return (FALSE);
420: }
421: return (TRUE);
422: }
423:
424: /*
425: * Called if both kernel_trap() and kdb_trap() fail.
426: */
427: void
428: panic_trap(
429: register struct i386_saved_state *regs)
430: {
431: int code;
432: register int type;
433:
434: type = regs->trapno;
435: code = regs->err;
436:
437: printf("trap type %d, code = %x, pc = %x\n",
438: type, code, regs->eip);
439: panic("trap");
440: }
441:
442:
443: /*
444: * Trap from user mode.
445: */
446: void
447: user_trap(
448: register struct i386_saved_state *regs)
449: {
450: int exc;
451: int code;
452: int subcode;
453: register int type;
454: vm_map_t map;
455: vm_prot_t prot;
456: kern_return_t result;
457: register thread_act_t thr_act = current_act();
458: thread_t thread = (thr_act ? thr_act->thread : THREAD_NULL);
459: boolean_t kernel_act = thr_act->kernel_loaded;
460: etap_data_t probe_data;
461:
462: if (regs->efl & EFL_VM) {
463: /*
464: * If hardware assist can handle exception,
465: * continue execution.
466: */
467: if (v86_assist(thread, regs))
468: return;
469: }
470:
471: type = regs->trapno;
472: code = 0;
473: subcode = 0;
474:
475: switch (type) {
476:
477: case T_DIVIDE_ERROR:
478: exc = EXC_ARITHMETIC;
479: code = EXC_I386_DIV;
480: break;
481:
482: case T_DEBUG:
483: #if MACH_KDP
484: /* Trap to KDP */
485: kdp_raise_exception(EXC_BREAKPOINT, EXC_I386_BPTFLT, 0, regs);
486: #endif
487: #if MACH_KGDB
488: if (kgdb_user_trap(regs)) {
489: return;
490: }
491: #endif
492: #if MACH_KDB
493: if (db_in_single_step()) {
494: if (kdb_trap(type, regs->err, regs))
495: return;
496: }
497: #endif
498: exc = EXC_BREAKPOINT;
499: code = EXC_I386_SGL;
500: break;
501:
502: case T_INT3:
503:
504: #if MACH_KDP
505: kdp_raise_exception(EXC_BREAKPOINT, EXC_I386_BPTFLT, 0, regs);
506: #endif
507: #if MACH_KGDB
508: if (kgdb_user_trap(regs)) {
509: return;
510: }
511: #endif
512: #if MACH_KDB
513: {
514: thread_act_t curact = current_act();
515:
516: if (db_find_breakpoint_here(
517: (curact && !curact->kernel_loaded)?
518: curact->task: TASK_NULL,
519: regs->eip - 1)) {
520: if (kdb_trap(type, regs->err, regs))
521: return;
522: }
523: }
524: #endif
525: exc = EXC_BREAKPOINT;
526: code = EXC_I386_BPT;
527: break;
528:
529: case T_OVERFLOW:
530: exc = EXC_ARITHMETIC;
531: code = EXC_I386_INTO;
532: break;
533:
534: case T_OUT_OF_BOUNDS:
535: exc = EXC_SOFTWARE;
536: code = EXC_I386_BOUND;
537: break;
538:
539: case T_INVALID_OPCODE:
540: exc = EXC_BAD_INSTRUCTION;
541: code = EXC_I386_INVOP;
542: break;
543:
544: case T_NO_FPU:
545: case 32: /* XXX */
546: fpnoextflt();
547: return;
548:
549: case T_FPU_FAULT:
550: fpextovrflt();
551: return;
552:
553: case 10: /* invalid TSS == iret with NT flag set */
554: exc = EXC_BAD_INSTRUCTION;
555: code = EXC_I386_INVTSSFLT;
556: subcode = regs->err & 0xffff;
557: break;
558:
559: case T_SEGMENT_NOT_PRESENT:
560: exc = EXC_BAD_INSTRUCTION;
561: code = EXC_I386_SEGNPFLT;
562: subcode = regs->err & 0xffff;
563: break;
564:
565: case T_STACK_FAULT:
566: exc = EXC_BAD_INSTRUCTION;
567: code = EXC_I386_STKFLT;
568: subcode = regs->err & 0xffff;
569: break;
570:
571: case T_GENERAL_PROTECTION:
572: if (!(regs->efl & EFL_VM)) {
573: if (check_io_fault(regs))
574: return;
575: }
576: exc = EXC_BAD_INSTRUCTION;
577: code = EXC_I386_GPFLT;
578: subcode = regs->err & 0xffff;
579: break;
580:
581: case T_PAGE_FAULT:
582: subcode = regs->cr2;
583: prot = VM_PROT_READ|VM_PROT_WRITE;
584: if (kernel_act == FALSE) {
585: if (!(regs->err & T_PF_WRITE))
586: prot = VM_PROT_READ;
587: (void) user_page_fault_continue(vm_fault(thr_act->map,
588: trunc_page((vm_offset_t)subcode),
589: prot,
590: FALSE));
591: /* NOTREACHED */
592: }
593: else {
594: if (subcode > LINEAR_KERNEL_ADDRESS) {
595: map = kernel_map;
596: subcode -= LINEAR_KERNEL_ADDRESS;
597: }
598: result = vm_fault(thr_act->map,
599: trunc_page((vm_offset_t)subcode),
600: prot,
601: FALSE);
602: if (result != KERN_SUCCESS) {
603: /*
604: * Must expand vm_fault by hand,
605: * so that we can ask for read-only access
606: * but enter a (kernel) writable mapping.
607: */
608: result = intel_read_fault(thr_act->map,
609: trunc_page((vm_offset_t)subcode));
610: }
611: user_page_fault_continue(result);
612: /*NOTREACHED*/
613: }
614: break;
615:
616: case T_FLOATING_POINT_ERROR:
617: fpexterrflt();
618: return;
619:
620: default:
621: #if MACH_KGDB
622: Debugger("Unanticipated user trap");
623: return;
624: #endif /* MACH_KGDB */
625: #if MACH_KDB
626: if (kdb_trap(type, regs->err, regs))
627: return;
628: #endif /* MACH_KDB */
629: printf("user trap type %d, code = %x, pc = %x\n",
630: type, regs->err, regs->eip);
631: panic("user trap");
632: return;
633: }
634:
635: #if MACH_KDB
636: if (debug_all_traps_with_kdb &&
637: kdb_trap(type, regs->err, regs))
638: return;
639: #endif /* MACH_KDB */
640:
641: #if ETAP_EVENT_MONITOR
642: if (thread != THREAD_NULL) {
643: ETAP_DATA_LOAD(probe_data[0], regs->trapno);
644: ETAP_DATA_LOAD(probe_data[1],
645: thr_act->exc_actions[exc].port);
646: ETAP_DATA_LOAD(probe_data[2],
647: thr_act->task->exc_actions[exc].port);
648: ETAP_PROBE_DATA(ETAP_P_EXCEPTION,
649: 0,
650: thread,
651: &probe_data,
652: ETAP_DATA_ENTRY*3);
653: }
654: #endif /* ETAP_EVENT_MONITOR */
655:
656: i386_exception(exc, code, subcode);
657: /*NOTREACHED*/
658: }
659:
660: /*
661: * V86 mode assist for interrupt handling.
662: */
663: boolean_t v86_assist_on = TRUE;
664: boolean_t v86_unsafe_ok = FALSE;
665: boolean_t v86_do_sti_cli = TRUE;
666: boolean_t v86_do_sti_immediate = FALSE;
667:
668: #define V86_IRET_PENDING 0x4000
669:
670: int cli_count = 0;
671: int sti_count = 0;
672:
673: boolean_t
674: v86_assist(
675: thread_t thread,
676: register struct i386_saved_state *regs)
677: {
678: register struct v86_assist_state *v86 = &thread->top_act->mact.pcb->ims.v86s;
679:
680: /*
681: * Build an 8086 address. Use only when off is known to be 16 bits.
682: */
683: #define Addr8086(seg,off) ((((seg) & 0xffff) << 4) + (off))
684:
685: #define EFL_V86_SAFE ( EFL_OF | EFL_DF | EFL_TF \
686: | EFL_SF | EFL_ZF | EFL_AF \
687: | EFL_PF | EFL_CF )
688: struct iret_32 {
689: int eip;
690: int cs;
691: int eflags;
692: };
693: struct iret_16 {
694: unsigned short ip;
695: unsigned short cs;
696: unsigned short flags;
697: };
698: union iret_struct {
699: struct iret_32 iret_32;
700: struct iret_16 iret_16;
701: };
702:
703: struct int_vec {
704: unsigned short ip;
705: unsigned short cs;
706: };
707:
708: if (!v86_assist_on)
709: return FALSE;
710:
711: /*
712: * If delayed STI pending, enable interrupts.
713: * Turn off tracing if on only to delay STI.
714: */
715: if (v86->flags & V86_IF_PENDING) {
716: v86->flags &= ~V86_IF_PENDING;
717: v86->flags |= EFL_IF;
718: if ((v86->flags & EFL_TF) == 0)
719: regs->efl &= ~EFL_TF;
720: }
721:
722: if (regs->trapno == T_DEBUG) {
723:
724: if (v86->flags & EFL_TF) {
725: /*
726: * Trace flag was also set - it has priority
727: */
728: return FALSE; /* handle as single-step */
729: }
730: /*
731: * Fall through to check for interrupts.
732: */
733: }
734: else if (regs->trapno == T_GENERAL_PROTECTION) {
735: /*
736: * General protection error - must be an 8086 instruction
737: * to emulate.
738: */
739: register int eip;
740: boolean_t addr_32 = FALSE;
741: boolean_t data_32 = FALSE;
742: int io_port;
743:
744: /*
745: * Set up error handler for bad instruction/data
746: * fetches.
747: */
748: __asm__("movl $(addr_error), %0" : : "m" (thread->recover));
749:
750: eip = regs->eip;
751: while (TRUE) {
752: unsigned char opcode;
753:
754: if (eip > 0xFFFF) {
755: thread->recover = 0;
756: return FALSE; /* GP fault: IP out of range */
757: }
758:
759: opcode = *(unsigned char *)Addr8086(regs->cs,eip);
760: eip++;
761: switch (opcode) {
762: case 0xf0: /* lock */
763: case 0xf2: /* repne */
764: case 0xf3: /* repe */
765: case 0x2e: /* cs */
766: case 0x36: /* ss */
767: case 0x3e: /* ds */
768: case 0x26: /* es */
769: case 0x64: /* fs */
770: case 0x65: /* gs */
771: /* ignore prefix */
772: continue;
773:
774: case 0x66: /* data size */
775: data_32 = TRUE;
776: continue;
777:
778: case 0x67: /* address size */
779: addr_32 = TRUE;
780: continue;
781:
782: case 0xe4: /* inb imm */
783: case 0xe5: /* inw imm */
784: case 0xe6: /* outb imm */
785: case 0xe7: /* outw imm */
786: io_port = *(unsigned char *)Addr8086(regs->cs, eip);
787: eip++;
788: goto do_in_out;
789:
790: case 0xec: /* inb dx */
791: case 0xed: /* inw dx */
792: case 0xee: /* outb dx */
793: case 0xef: /* outw dx */
794: case 0x6c: /* insb */
795: case 0x6d: /* insw */
796: case 0x6e: /* outsb */
797: case 0x6f: /* outsw */
798: io_port = regs->edx & 0xffff;
799:
800: do_in_out:
801: if (!data_32)
802: opcode |= 0x6600; /* word IO */
803:
804: switch (emulate_io(regs, opcode, io_port)) {
805: case EM_IO_DONE:
806: /* instruction executed */
807: break;
808: case EM_IO_RETRY:
809: /* port mapped, retry instruction */
810: thread->recover = 0;
811: return TRUE;
812: case EM_IO_ERROR:
813: /* port not mapped */
814: thread->recover = 0;
815: return FALSE;
816: }
817: break;
818:
819: case 0xfa: /* cli */
820: if (!v86_do_sti_cli) {
821: thread->recover = 0;
822: return (FALSE);
823: }
824:
825: v86->flags &= ~EFL_IF;
826: /* disable simulated interrupts */
827: cli_count++;
828: break;
829:
830: case 0xfb: /* sti */
831: if (!v86_do_sti_cli) {
832: thread->recover = 0;
833: return (FALSE);
834: }
835:
836: if ((v86->flags & EFL_IF) == 0) {
837: if (v86_do_sti_immediate) {
838: v86->flags |= EFL_IF;
839: } else {
840: v86->flags |= V86_IF_PENDING;
841: regs->efl |= EFL_TF;
842: }
843: /* single step to set IF next inst. */
844: }
845: sti_count++;
846: break;
847:
848: case 0x9c: /* pushf */
849: {
850: int flags;
851: vm_offset_t sp;
852: int size;
853:
854: flags = regs->efl;
855: if ((v86->flags & EFL_IF) == 0)
856: flags &= ~EFL_IF;
857:
858: if ((v86->flags & EFL_TF) == 0)
859: flags &= ~EFL_TF;
860: else flags |= EFL_TF;
861:
862: sp = regs->uesp;
863: if (!addr_32)
864: sp &= 0xffff;
865: else if (sp > 0xffff)
866: goto stack_error;
867: size = (data_32) ? 4 : 2;
868: if (sp < size)
869: goto stack_error;
870: sp -= size;
871: if (copyout((char *)&flags,
872: (char *)Addr8086(regs->ss,sp),
873: size))
874: goto addr_error;
875: if (addr_32)
876: regs->uesp = sp;
877: else
878: regs->uesp = (regs->uesp & 0xffff0000) | sp;
879: break;
880: }
881:
882: case 0x9d: /* popf */
883: {
884: vm_offset_t sp;
885: int nflags;
886:
887: sp = regs->uesp;
888: if (!addr_32)
889: sp &= 0xffff;
890: else if (sp > 0xffff)
891: goto stack_error;
892:
893: if (data_32) {
894: if (sp > 0xffff - sizeof(int))
895: goto stack_error;
896: nflags = *(int *)Addr8086(regs->ss,sp);
897: sp += sizeof(int);
898: }
899: else {
900: if (sp > 0xffff - sizeof(short))
901: goto stack_error;
902: nflags = *(unsigned short *)
903: Addr8086(regs->ss,sp);
904: sp += sizeof(short);
905: }
906: if (addr_32)
907: regs->uesp = sp;
908: else
909: regs->uesp = (regs->uesp & 0xffff0000) | sp;
910:
911: if (v86->flags & V86_IRET_PENDING) {
912: v86->flags = nflags & (EFL_TF | EFL_IF);
913: v86->flags |= V86_IRET_PENDING;
914: } else {
915: v86->flags = nflags & (EFL_TF | EFL_IF);
916: }
917: regs->efl = (regs->efl & ~EFL_V86_SAFE)
918: | (nflags & EFL_V86_SAFE);
919: break;
920: }
921: case 0xcf: /* iret */
922: {
923: vm_offset_t sp;
924: int nflags;
925: int size;
926: union iret_struct iret_struct;
927:
928: v86->flags &= ~V86_IRET_PENDING;
929: sp = regs->uesp;
930: if (!addr_32)
931: sp &= 0xffff;
932: else if (sp > 0xffff)
933: goto stack_error;
934:
935: if (data_32) {
936: if (sp > 0xffff - sizeof(struct iret_32))
937: goto stack_error;
938: iret_struct.iret_32 =
939: *(struct iret_32 *) Addr8086(regs->ss,sp);
940: sp += sizeof(struct iret_32);
941: }
942: else {
943: if (sp > 0xffff - sizeof(struct iret_16))
944: goto stack_error;
945: iret_struct.iret_16 =
946: *(struct iret_16 *) Addr8086(regs->ss,sp);
947: sp += sizeof(struct iret_16);
948: }
949: if (addr_32)
950: regs->uesp = sp;
951: else
952: regs->uesp = (regs->uesp & 0xffff0000) | sp;
953:
954: if (data_32) {
955: eip = iret_struct.iret_32.eip;
956: regs->cs = iret_struct.iret_32.cs & 0xffff;
957: nflags = iret_struct.iret_32.eflags;
958: }
959: else {
960: eip = iret_struct.iret_16.ip;
961: regs->cs = iret_struct.iret_16.cs;
962: nflags = iret_struct.iret_16.flags;
963: }
964:
965: v86->flags = nflags & (EFL_TF | EFL_IF);
966: regs->efl = (regs->efl & ~EFL_V86_SAFE)
967: | (nflags & EFL_V86_SAFE);
968: break;
969: }
970: default:
971: /*
972: * Instruction not emulated here.
973: */
974: thread->recover = 0;
975: return FALSE;
976: }
977: break; /* exit from 'while TRUE' */
978: }
979: regs->eip = (regs->eip & 0xffff0000 | eip);
980: }
981: else {
982: /*
983: * Not a trap we handle.
984: */
985: thread->recover = 0;
986: return FALSE;
987: }
988:
989: if ((v86->flags & EFL_IF) && ((v86->flags & V86_IRET_PENDING)==0)) {
990:
991: struct v86_interrupt_table *int_table;
992: int int_count;
993: int vec;
994: int i;
995:
996: int_table = (struct v86_interrupt_table *) v86->int_table;
997: int_count = v86->int_count;
998:
999: vec = 0;
1000: for (i = 0; i < int_count; int_table++, i++) {
1001: if (!int_table->mask && int_table->count > 0) {
1002: int_table->count--;
1003: vec = int_table->vec;
1004: break;
1005: }
1006: }
1007: if (vec != 0) {
1008: /*
1009: * Take this interrupt
1010: */
1011: vm_offset_t sp;
1012: struct iret_16 iret_16;
1013: struct int_vec int_vec;
1014:
1015: sp = regs->uesp & 0xffff;
1016: if (sp < sizeof(struct iret_16))
1017: goto stack_error;
1018: sp -= sizeof(struct iret_16);
1019: iret_16.ip = regs->eip;
1020: iret_16.cs = regs->cs;
1021: iret_16.flags = regs->efl & 0xFFFF;
1022: if ((v86->flags & EFL_TF) == 0)
1023: iret_16.flags &= ~EFL_TF;
1024: else iret_16.flags |= EFL_TF;
1025:
1026: (void) memcpy((char *) &int_vec,
1027: (char *) (sizeof(struct int_vec) * vec),
1028: sizeof (struct int_vec));
1029: if (copyout((char *)&iret_16,
1030: (char *)Addr8086(regs->ss,sp),
1031: sizeof(struct iret_16)))
1032: goto addr_error;
1033: regs->uesp = (regs->uesp & 0xFFFF0000) | (sp & 0xffff);
1034: regs->eip = int_vec.ip;
1035: regs->cs = int_vec.cs;
1036: regs->efl &= ~EFL_TF;
1037: v86->flags &= ~(EFL_IF | EFL_TF);
1038: v86->flags |= V86_IRET_PENDING;
1039: }
1040: }
1041:
1042: thread->recover = 0;
1043: return TRUE;
1044:
1045: /*
1046: * On address error, report a page fault.
1047: * XXX report GP fault - we don`t save
1048: * the faulting address.
1049: */
1050: addr_error:
1051: __asm__("addr_error:;");
1052: thread->recover = 0;
1053: return FALSE;
1054:
1055: /*
1056: * On stack address error, return stack fault (12).
1057: */
1058: stack_error:
1059: thread->recover = 0;
1060: regs->trapno = T_STACK_FAULT;
1061: return FALSE;
1062: }
1063:
1064: /*
1065: * Handle AST traps for i386.
1066: * Check for delayed floating-point exception from
1067: * AT-bus machines.
1068: */
1069:
1070: extern void log_thread_action (thread_t, char *);
1071:
1072: void
1073: i386_astintr(int preemption)
1074: {
1075: int mycpu;
1076: ast_t mask = AST_ALL;
1077: spl_t s;
1078: thread_t self = current_thread();
1079:
1080: s = splsched(); /* block interrupts to check reasons */
1081: mp_disable_preemption();
1082: mycpu = cpu_number();
1083: if (need_ast[mycpu] & AST_I386_FP) {
1084: /*
1085: * AST was for delayed floating-point exception -
1086: * FP interrupt occured while in kernel.
1087: * Turn off this AST reason and handle the FPU error.
1088: */
1089:
1090: ast_off(AST_I386_FP);
1091: mp_enable_preemption();
1092: splx(s);
1093:
1094: fpexterrflt();
1095: }
1096: else {
1097: /*
1098: * Not an FPU trap. Handle the AST.
1099: * Interrupts are still blocked.
1100: */
1101:
1102: if (preemption) {
1103:
1104: /*
1105: * We don't want to process any AST if we were in
1106: * kernel-mode and the current thread is in any
1107: * funny state (waiting and/or suspended).
1108: */
1109:
1110: thread_lock (self);
1111:
1112: if (thread_not_preemptable(self) || self->preempt) {
1113: ast_off(AST_URGENT);
1114: thread_unlock (self);
1115: mp_enable_preemption();
1116: splx(s);
1117: return;
1118: }
1119: else mask = AST_PREEMPT;
1120: mp_enable_preemption();
1121:
1122: /*
1123: self->preempt = TH_NOT_PREEMPTABLE;
1124: */
1125:
1126: thread_unlock (self);
1127: } else {
1128: mp_enable_preemption();
1129: }
1130:
1131: ast_taken(preemption, mask, s
1132: #if FAST_IDLE
1133: ,NO_IDLE_THREAD
1134: #endif /* FAST_IDLE */
1135: );
1136: /*
1137: self->preempt = TH_PREEMPTABLE;
1138: */
1139: }
1140: }
1141:
1142: /*
1143: * Handle exceptions for i386.
1144: *
1145: * If we are an AT bus machine, we must turn off the AST for a
1146: * delayed floating-point exception.
1147: *
1148: * If we are providing floating-point emulation, we may have
1149: * to retrieve the real register values from the floating point
1150: * emulator.
1151: */
1152: void
1153: i386_exception(
1154: int exc,
1155: int code,
1156: int subcode)
1157: {
1158: spl_t s;
1159: exception_data_type_t codes[EXCEPTION_CODE_MAX];
1160:
1161: /*
1162: * Turn off delayed FPU error handling.
1163: */
1164: s = splsched();
1165: mp_disable_preemption();
1166: ast_off(AST_I386_FP);
1167: mp_enable_preemption();
1168: splx(s);
1169:
1170: codes[0] = code; /* new exception interface */
1171: codes[1] = subcode;
1172: exception(exc, codes, 2);
1173: /*NOTREACHED*/
1174: }
1175:
1176: boolean_t
1177: check_io_fault(
1178: struct i386_saved_state *regs)
1179: {
1180: int eip, opcode, io_port;
1181: boolean_t data_16 = FALSE;
1182:
1183: /*
1184: * Get the instruction.
1185: */
1186: eip = regs->eip;
1187:
1188: for (;;) {
1189: opcode = inst_fetch(eip, regs->cs);
1190: eip++;
1191: switch (opcode) {
1192: case 0x66: /* data-size prefix */
1193: data_16 = TRUE;
1194: continue;
1195:
1196: case 0xf3: /* rep prefix */
1197: case 0x26: /* es */
1198: case 0x2e: /* cs */
1199: case 0x36: /* ss */
1200: case 0x3e: /* ds */
1201: case 0x64: /* fs */
1202: case 0x65: /* gs */
1203: continue;
1204:
1205: case 0xE4: /* inb imm */
1206: case 0xE5: /* inl imm */
1207: case 0xE6: /* outb imm */
1208: case 0xE7: /* outl imm */
1209: /* port is immediate byte */
1210: io_port = inst_fetch(eip, regs->cs);
1211: eip++;
1212: break;
1213:
1214: case 0xEC: /* inb dx */
1215: case 0xED: /* inl dx */
1216: case 0xEE: /* outb dx */
1217: case 0xEF: /* outl dx */
1218: case 0x6C: /* insb */
1219: case 0x6D: /* insl */
1220: case 0x6E: /* outsb */
1221: case 0x6F: /* outsl */
1222: /* port is in DX register */
1223: io_port = regs->edx & 0xFFFF;
1224: break;
1225:
1226: default:
1227: return FALSE;
1228: }
1229: break;
1230: }
1231:
1232: if (data_16)
1233: opcode |= 0x6600; /* word IO */
1234:
1235: switch (emulate_io(regs, opcode, io_port)) {
1236: case EM_IO_DONE:
1237: /* instruction executed */
1238: regs->eip = eip;
1239: return TRUE;
1240:
1241: case EM_IO_RETRY:
1242: /* port mapped, retry instruction */
1243: return TRUE;
1244:
1245: case EM_IO_ERROR:
1246: /* port not mapped */
1247: return FALSE;
1248: }
1249: return FALSE;
1250: }
1251:
1252: void
1253: kernel_preempt_check (void)
1254: {
1255: mp_disable_preemption();
1256: if ((need_ast[cpu_number()] & AST_URGENT) &&
1257: #if NCPUS > 1
1258: get_interrupt_level() == 1
1259: #else /* NCPUS > 1 */
1260: get_interrupt_level() == 0
1261: #endif /* NCPUS > 1 */
1262: ) {
1263: mp_enable_preemption_no_check();
1264: __asm__ volatile (" int $0xff");
1265: } else {
1266: mp_enable_preemption_no_check();
1267: }
1268: }
1269:
1270: #if MACH_KDB
1271:
1272: extern void db_i386_state(struct i386_saved_state *regs);
1273:
1274: #include <ddb/db_output.h>
1275:
1276: void
1277: db_i386_state(
1278: struct i386_saved_state *regs)
1279: {
1280: db_printf("eip %8x\n", regs->eip);
1281: db_printf("trap %8x\n", regs->trapno);
1282: db_printf("err %8x\n", regs->err);
1283: db_printf("efl %8x\n", regs->efl);
1284: db_printf("ebp %8x\n", regs->ebp);
1285: db_printf("esp %8x\n", regs->esp);
1286: db_printf("uesp %8x\n", regs->uesp);
1287: db_printf("cs %8x\n", regs->cs & 0xff);
1288: db_printf("ds %8x\n", regs->ds & 0xff);
1289: db_printf("es %8x\n", regs->es & 0xff);
1290: db_printf("fs %8x\n", regs->fs & 0xff);
1291: db_printf("gs %8x\n", regs->gs & 0xff);
1292: db_printf("ss %8x\n", regs->ss & 0xff);
1293: db_printf("eax %8x\n", regs->eax);
1294: db_printf("ebx %8x\n", regs->ebx);
1295: db_printf("ecx %8x\n", regs->ecx);
1296: db_printf("edx %8x\n", regs->edx);
1297: db_printf("esi %8x\n", regs->esi);
1298: db_printf("edi %8x\n", regs->edi);
1299: }
1300:
1301: #endif /* MACH_KDB */
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.