ia32_signal.c revision 153180
1130561Sobrien/*- 2130561Sobrien * Copyright (c) 2003 Peter Wemm 3130561Sobrien * Copyright (c) 1982, 1987, 1990 The Regents of the University of California. 4130561Sobrien * All rights reserved. 5130561Sobrien * 6130561Sobrien * This code is derived from software contributed to Berkeley by 7130561Sobrien * William Jolitz. 8130561Sobrien * 9130561Sobrien * Redistribution and use in source and binary forms, with or without 10130561Sobrien * modification, are permitted provided that the following conditions 11130561Sobrien * are met: 12130561Sobrien * 1. Redistributions of source code must retain the above copyright 13130561Sobrien * notice, this list of conditions and the following disclaimer. 14130561Sobrien * 2. Redistributions in binary form must reproduce the above copyright 15130561Sobrien * notice, this list of conditions and the following disclaimer in the 16130561Sobrien * documentation and/or other materials provided with the distribution. 17130561Sobrien * 4. Neither the name of the University nor the names of its contributors 18218822Sdim * may be used to endorse or promote products derived from this software 19130561Sobrien * without specific prior written permission. 20130561Sobrien * 21130561Sobrien * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22130561Sobrien * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23130561Sobrien * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24130561Sobrien * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25130561Sobrien * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26130561Sobrien * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27130561Sobrien * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28130561Sobrien * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29130561Sobrien * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30130561Sobrien * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31130561Sobrien * SUCH DAMAGE. 32130561Sobrien */ 33130561Sobrien 34130561Sobrien#include <sys/cdefs.h> 35130561Sobrien__FBSDID("$FreeBSD: head/sys/amd64/ia32/ia32_signal.c 153180 2005-12-06 23:06:29Z peter $"); 36130561Sobrien 37130561Sobrien#include "opt_compat.h" 38130561Sobrien 39130561Sobrien#include <sys/param.h> 40130561Sobrien#include <sys/exec.h> 41130561Sobrien#include <sys/fcntl.h> 42130561Sobrien#include <sys/imgact.h> 43130561Sobrien#include <sys/kernel.h> 44130561Sobrien#include <sys/lock.h> 45130561Sobrien#include <sys/malloc.h> 46130561Sobrien#include <sys/mutex.h> 47130561Sobrien#include <sys/mman.h> 48130561Sobrien#include <sys/namei.h> 49130561Sobrien#include <sys/pioctl.h> 50130561Sobrien#include <sys/proc.h> 51130561Sobrien#include <sys/procfs.h> 52130561Sobrien#include <sys/resourcevar.h> 53130561Sobrien#include <sys/systm.h> 54130561Sobrien#include <sys/signalvar.h> 55130561Sobrien#include <sys/stat.h> 56130561Sobrien#include <sys/sx.h> 57130561Sobrien#include <sys/syscall.h> 58130561Sobrien#include <sys/sysctl.h> 59130561Sobrien#include <sys/sysent.h> 60130561Sobrien#include <sys/vnode.h> 61130561Sobrien 62130561Sobrien#include <vm/vm.h> 63130561Sobrien#include <vm/vm_kern.h> 64130561Sobrien#include <vm/vm_param.h> 65130561Sobrien#include <vm/pmap.h> 66130561Sobrien#include <vm/vm_map.h> 67130561Sobrien#include <vm/vm_object.h> 68130561Sobrien#include 
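<vm/vm_extern.h>

#include <compat/freebsd32/freebsd32_util.h>
#include <compat/freebsd32/freebsd32_proto.h>
#include <compat/ia32/ia32_signal.h>
#include <machine/psl.h>
#include <machine/segments.h>
#include <machine/specialreg.h>
#include <machine/frame.h>
#include <machine/md_var.h>
#include <machine/pcb.h>
#include <machine/cpufunc.h>

#ifdef COMPAT_FREEBSD4
static void freebsd4_ia32_sendsig(sig_t, ksiginfo_t *, sigset_t *);
#endif
static void ia32_get_fpcontext(struct thread *td, struct ia32_mcontext *mcp);
static int ia32_set_fpcontext(struct thread *td, const struct ia32_mcontext *mcp);

extern int _ucode32sel, _udatasel;

/*
 * A %cs value supplied by userland is acceptable only if its requested
 * privilege level is the user level; anything else would let
 * sigreturn()/setcontext() hand the thread a privileged code segment.
 */
#define CS_SECURE(cs)		(ISPL(cs) == SEL_UPL)
/*
 * A new %eflags value is acceptable only if it differs from the current
 * one in the user-changeable bits (PSL_USERCHANGE); privileged and
 * reserved flags must be left exactly as they are.
 */
#define EFL_SECURE(ef, oef)	((((ef) ^ (oef)) & ~PSL_USERCHANGE) == 0)

/*
 * Capture the thread's FPU state into a 32-bit machine context.
 *
 * mc_fpstate receives the register image, mc_ownedfp records where the
 * image came from (FPU, PCB or nowhere) as reported by fpugetregs(), and
 * mc_fpformat records the layout fpuformat() reports.
 */
static void
ia32_get_fpcontext(struct thread *td, struct ia32_mcontext *mcp)
{

	mcp->mc_ownedfp = fpugetregs(td, (struct savefpu *)&mcp->mc_fpstate);
	mcp->mc_fpformat = fpuformat();
}

/*
 * Load FPU state from a user-supplied 32-bit machine context.
 *
 * Returns 0 on success and EINVAL when mc_fpformat or mc_ownedfp holds a
 * value this kernel does not understand; the validation happens before
 * anything is touched, so a rejected context leaves the FPU state alone.
 * _MC_FPFMT_NODEV means "no FPU state recorded" and is accepted as a
 * no-op.
 */
static int
ia32_set_fpcontext(struct thread *td, const struct ia32_mcontext *mcp)
{

	if (mcp->mc_fpformat == _MC_FPFMT_NODEV)
		return (0);
	else if (mcp->mc_fpformat != _MC_FPFMT_XMM)
		return (EINVAL);
	else if (mcp->mc_ownedfp == _MC_FPOWNED_NONE)
		/* We don't care what state is left in the FPU or PCB. */
		fpstate_drop(td);
	else if (mcp->mc_ownedfp == _MC_FPOWNED_FPU ||
	    mcp->mc_ownedfp == _MC_FPOWNED_PCB) {
		/*
		 * XXX we violate the dubious requirement that fpusetregs()
		 * be called with interrupts disabled.
		 *
		 * NOTE(review): mc_fpstate was copied straight from user
		 * memory and is not validated here.  fpusetregs() is
		 * assumed to mask or reject reserved MXCSR bits before the
		 * image is loaded, since a reserved-bit MXCSR faults when
		 * restored -- confirm against fpusetregs().
		 */
		fpusetregs(td, (struct savefpu *)&mcp->mc_fpstate);
	} else
		return (EINVAL);
	return (0);
}

/*
 * Get machine context.
 *
 * Fill *mcp from td's trap frame and PCB.  With GET_MC_CLEAR_RET the
 * return registers (%eax/%edx) are reported as zero, so that a context
 * later resumed via setcontext() looks like a getcontext() that returned
 * success.  Always returns 0.
 *
 * mc_trapno and mc_err are not written here (sendsig() fills them from
 * the frame; this path has no trap to report), so a caller that copies
 * the whole structure to userland must zero it first.
 */
static int
ia32_get_mcontext(struct thread *td, struct ia32_mcontext *mcp, int flags)
{
	struct trapframe *tp;

	tp = td->td_frame;

	/*
	 * Lock the process that owns td, not the caller's; the two are the
	 * same for every caller in this file, but the original code locked
	 * curthread's process and would have been wrong for any other td.
	 */
	PROC_LOCK(td->td_proc);
	mcp->mc_onstack = sigonstack(tp->tf_rsp);
	PROC_UNLOCK(td->td_proc);
	/* The data selectors live in the PCB on amd64, not in the frame. */
	mcp->mc_gs = td->td_pcb->pcb_gs;
	mcp->mc_fs = td->td_pcb->pcb_fs;
	mcp->mc_es = td->td_pcb->pcb_es;
	mcp->mc_ds = td->td_pcb->pcb_ds;
	mcp->mc_edi = tp->tf_rdi;
	mcp->mc_esi = tp->tf_rsi;
	mcp->mc_ebp = tp->tf_rbp;
	mcp->mc_isp = tp->tf_rsp;
	if (flags & GET_MC_CLEAR_RET) {
		mcp->mc_eax = 0;
		mcp->mc_edx = 0;
	} else {
		mcp->mc_eax = tp->tf_rax;
		mcp->mc_edx = tp->tf_rdx;
	}
	mcp->mc_ebx = tp->tf_rbx;
	mcp->mc_ecx = tp->tf_rcx;
	mcp->mc_eip = tp->tf_rip;
	mcp->mc_cs = tp->tf_cs;
	mcp->mc_eflags = tp->tf_rflags;
	mcp->mc_esp = tp->tf_rsp;
	mcp->mc_ss = tp->tf_ss;
	/* Lets ia32_set_mcontext() reject contexts of a different layout. */
	mcp->mc_len = sizeof(*mcp);
	ia32_get_fpcontext(td, mcp);
	return (0);
}

/*
 * Set machine context.
 *
 * However, we don't set any but the user modifiable flags, and we won't
 * touch the cs selector.
 *
 * Returns EINVAL if mc_len does not match this kernel's structure size,
 * or whatever ia32_set_fpcontext() returns if the FPU part is rejected.
 * Both checks run before the trap frame is modified, so a failed call
 * leaves the caller's register context intact.  %eip, %esp and %ss are
 * taken from the context as-is; invalid values are left for the
 * hardware to fault on at return to userland, as in sigreturn() below.
 */
static int
ia32_set_mcontext(struct thread *td, const struct ia32_mcontext *mcp)
{
	struct trapframe *tp;
	long rflags;
	int ret;

	tp = td->td_frame;
	if (mcp->mc_len != sizeof(*mcp))
		return (EINVAL);
	/* Only PSL_USERCHANGE bits come from the context; keep the rest. */
	rflags = (mcp->mc_eflags & PSL_USERCHANGE) |
	    (tp->tf_rflags & ~PSL_USERCHANGE);
	ret = ia32_set_fpcontext(td, mcp);
	if (ret != 0)
		return (ret);
#if 0	/* XXX deal with load_fs() and friends */
	tp->tf_fs = mcp->mc_fs;
	tp->tf_es = mcp->mc_es;
	tp->tf_ds = mcp->mc_ds;
#endif
	tp->tf_rdi = mcp->mc_edi;
	tp->tf_rsi = mcp->mc_esi;
	tp->tf_rbp = mcp->mc_ebp;
	tp->tf_rbx = mcp->mc_ebx;
	tp->tf_rdx = mcp->mc_edx;
	tp->tf_rcx = mcp->mc_ecx;
	tp->tf_rax = mcp->mc_eax;
	/* trapno, err */
	tp->tf_rip = mcp->mc_eip;
	tp->tf_rflags = rflags;
	tp->tf_rsp = mcp->mc_esp;
	tp->tf_ss = mcp->mc_ss;
#if 0	/* XXX deal with load_gs() and friends */
	td->td_pcb->pcb_gs = mcp->mc_gs;
#endif
	/* Force a full frame restore on the way out (see ia32_setregs()). */
	td->td_pcb->pcb_flags |= PCB_FULLCTX;
	return (0);
}

/*
 * The first two fields of a ucontext_t are the signal mask and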
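 * the machine context. The next field is uc_link; we want to
 * avoid destroying the link when copying out contexts.
 */
#define UC_COPY_SIZE	offsetof(struct ia32_ucontext, uc_link)

/*
 * getcontext(2) for 32-bit processes: copy the caller's signal mask and
 * machine context (with the return registers cleared) to uap->ucp.
 *
 * The kernel copy is zeroed first because ia32_get_mcontext() does not
 * write every field of the machine context (mc_trapno and mc_err, for
 * instance); without this the gaps would carry kernel stack contents out
 * to userland.  sendsig() already zeroes its frame the same way.
 *
 * Returns EINVAL for a NULL ucp, otherwise the copyout() status.
 */
int
freebsd32_getcontext(struct thread *td, struct freebsd32_getcontext_args *uap)
{
	struct ia32_ucontext uc;
	int ret;

	if (uap->ucp == NULL)
		ret = EINVAL;
	else {
		bzero(&uc, sizeof(uc));
		ia32_get_mcontext(td, &uc.uc_mcontext, GET_MC_CLEAR_RET);
		PROC_LOCK(td->td_proc);
		uc.uc_sigmask = td->td_sigmask;
		PROC_UNLOCK(td->td_proc);
		ret = copyout(&uc, uap->ucp, UC_COPY_SIZE);
	}
	return (ret);
}

/*
 * setcontext(2) for 32-bit processes: install the machine context and
 * signal mask found at uap->ucp.
 *
 * ia32_set_mcontext() validates and installs the machine context before
 * the signal mask is touched, so a rejected context leaves the mask
 * alone.  SIG_CANTMASK strips the signals that may never be blocked.
 *
 * Returns EINVAL for a NULL ucp, the copyin()/ia32_set_mcontext() error
 * on failure, and EJUSTRETURN on success so that the syscall return path
 * does not store a result into the frame it has just been handed.
 */
int
freebsd32_setcontext(struct thread *td, struct freebsd32_setcontext_args *uap)
{
	struct ia32_ucontext uc;
	int ret;

	if (uap->ucp == NULL)
		ret = EINVAL;
	else {
		ret = copyin(uap->ucp, &uc, UC_COPY_SIZE);
		if (ret == 0) {
			ret = ia32_set_mcontext(td, &uc.uc_mcontext);
			if (ret == 0) {
				SIG_CANTMASK(uc.uc_sigmask);
				PROC_LOCK(td->td_proc);
				td->td_sigmask = uc.uc_sigmask;
				PROC_UNLOCK(td->td_proc);
			}
		}
	}
	return (ret == 0 ? EJUSTRETURN : ret);
}

/*
 * swapcontext(2) for 32-bit processes: save the current context to
 * uap->oucp, then install the one at uap->ucp.
 *
 * As in freebsd32_getcontext(), the kernel copy is zeroed before it is
 * filled so that fields ia32_get_mcontext() leaves untouched do not leak
 * kernel stack contents through the copyout().  The same buffer is then
 * reused for the copyin() of the new context.
 *
 * Returns EINVAL if either pointer is NULL, the first failing step's
 * error otherwise, and EJUSTRETURN on success (see freebsd32_setcontext()).
 */
int
freebsd32_swapcontext(struct thread *td, struct freebsd32_swapcontext_args *uap)
{
	struct ia32_ucontext uc;
	int ret;

	if (uap->oucp == NULL || uap->ucp == NULL)
		ret = EINVAL;
	else {
		bzero(&uc, sizeof(uc));
		ia32_get_mcontext(td, &uc.uc_mcontext, GET_MC_CLEAR_RET);
		PROC_LOCK(td->td_proc);
		uc.uc_sigmask = td->td_sigmask;
		PROC_UNLOCK(td->td_proc);
		ret = copyout(&uc, uap->oucp, UC_COPY_SIZE);
		if (ret == 0) {
			ret = copyin(uap->ucp, &uc, UC_COPY_SIZE);
			if (ret == 0) {
				ret = ia32_set_mcontext(td, &uc.uc_mcontext);
				if (ret == 0) {
					SIG_CANTMASK(uc.uc_sigmask);
					PROC_LOCK(td->td_proc);
					td->td_sigmask = uc.uc_sigmask;
					PROC_UNLOCK(td->td_proc);
				}
			}
		}
	}
	return (ret == 0 ? EJUSTRETURN : ret);
}

/*
 * Send an interrupt to process.
 *
 * Stack is set up to allow sigcode stored
 * at top to call routine, followed by kcall
 * to sigreturn routine below. After sigreturn
 * resets the signal mask, the stack, and the
 * frame pointer, it returns to the user
 * specified pc, psl.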
 */
#ifdef COMPAT_FREEBSD4
/*
 * FreeBSD 4 flavour of ia32_sendsig(): same job, but it builds a
 * struct ia32_sigframe4 (no mc_len, no FPU image), does not 16-byte
 * align the frame, and enters the old trampoline located
 * sz_freebsd4_ia32_sigcode bytes below FREEBSD32_PS_STRINGS.
 *
 * Called with the proc lock and psp->ps_mtx held; both are released
 * around the copyout() and re-acquired before returning.
 */
static void
freebsd4_ia32_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask)
{
	struct ia32_sigframe4 sf, *sfp;
	struct ia32_siginfo siginfo;
	struct proc *p;
	struct thread *td;
	struct sigacts *psp;
	struct trapframe *regs;
	int oonstack;
	int sig;

	td = curthread;
	p = td->td_proc;
	siginfo_to_ia32siginfo(&ksi->ksi_info, &siginfo);

	PROC_LOCK_ASSERT(p, MA_OWNED);
	sig = siginfo.si_signo;
	psp = p->p_sigacts;
	mtx_assert(&psp->ps_mtx, MA_OWNED);
	regs = td->td_frame;
	oonstack = sigonstack(regs->tf_rsp);

	/*
	 * Save user context.  The whole frame is zeroed first so that no
	 * unfilled field carries kernel stack contents out to userland.
	 */
	bzero(&sf, sizeof(sf));
	sf.sf_uc.uc_sigmask = *mask;
	sf.sf_uc.uc_stack.ss_sp = (uintptr_t)td->td_sigstk.ss_sp;
	sf.sf_uc.uc_stack.ss_size = td->td_sigstk.ss_size;
	sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK)
	    ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE;
	sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0;
	/* %fs/%gs/%es/%ds are read from the live registers, not the frame. */
	sf.sf_uc.uc_mcontext.mc_gs = rgs();
	sf.sf_uc.uc_mcontext.mc_fs = rfs();
	__asm __volatile("movl %%es,%0" : "=rm" (sf.sf_uc.uc_mcontext.mc_es));
	__asm __volatile("movl %%ds,%0" : "=rm" (sf.sf_uc.uc_mcontext.mc_ds));
	sf.sf_uc.uc_mcontext.mc_edi = regs->tf_rdi;
	sf.sf_uc.uc_mcontext.mc_esi = regs->tf_rsi;
	sf.sf_uc.uc_mcontext.mc_ebp = regs->tf_rbp;
	sf.sf_uc.uc_mcontext.mc_isp = regs->tf_rsp; /* XXX */
	sf.sf_uc.uc_mcontext.mc_ebx = regs->tf_rbx;
	sf.sf_uc.uc_mcontext.mc_edx = regs->tf_rdx;
	sf.sf_uc.uc_mcontext.mc_ecx = regs->tf_rcx;
	sf.sf_uc.uc_mcontext.mc_eax = regs->tf_rax;
	sf.sf_uc.uc_mcontext.mc_trapno = regs->tf_trapno;
	sf.sf_uc.uc_mcontext.mc_err = regs->tf_err;
	sf.sf_uc.uc_mcontext.mc_eip = regs->tf_rip;
	sf.sf_uc.uc_mcontext.mc_cs = regs->tf_cs;
	sf.sf_uc.uc_mcontext.mc_eflags = regs->tf_rflags;
	sf.sf_uc.uc_mcontext.mc_esp = regs->tf_rsp;
	sf.sf_uc.uc_mcontext.mc_ss = regs->tf_ss;

	/*
	 * Allocate space for the signal handler context: at the top of the
	 * alternate stack if one is enabled, not already in use, and
	 * requested for this signal; otherwise just below the current user
	 * stack pointer.
	 */
	if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack &&
	    SIGISMEMBER(psp->ps_sigonstack, sig)) {
		sfp = (struct ia32_sigframe4 *)(td->td_sigstk.ss_sp +
		    td->td_sigstk.ss_size - sizeof(sf));
	} else
		sfp = (struct ia32_sigframe4 *)regs->tf_rsp - 1;
	PROC_UNLOCK(p);

	/* Translate the signal if appropriate. */
	if (p->p_sysent->sv_sigtbl && sig <= p->p_sysent->sv_sigsize)
		sig = p->p_sysent->sv_sigtbl[_SIG_IDX(sig)];

	/*
	 * Build the argument list for the signal handler.  Pointers into
	 * the frame refer to its final location on the user stack (sfp),
	 * not to the kernel copy being assembled.
	 */
	sf.sf_signum = sig;
	sf.sf_ucontext = (register_t)&sfp->sf_uc;
	if (SIGISMEMBER(psp->ps_siginfo, sig)) {
		/* Signal handler installed with SA_SIGINFO. */
		sf.sf_siginfo = (u_int32_t)(uintptr_t)&sfp->sf_si;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;

		/* Fill in POSIX parts */
		sf.sf_si = siginfo;
		sf.sf_si.si_signo = sig;
	} else {
		/* Old FreeBSD-style arguments. */
		sf.sf_siginfo = siginfo.si_code;
		sf.sf_addr = (u_int32_t)siginfo.si_addr;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;
	}
	/* ps_mtx is dropped before copyout(), which may sleep on a fault. */
	mtx_unlock(&psp->ps_mtx);

	/*
	 * Copy the sigframe out to the user's stack.  If the stack is not
	 * writable there is nowhere to deliver the signal, so the process
	 * is killed with SIGILL instead (sigexit() does not return).
	 */
	if (copyout(&sf, sfp, sizeof(*sfp)) != 0) {
#ifdef DEBUG
		printf("process %ld has trashed its stack\n", (long)p->p_pid);
#endif
		PROC_LOCK(p);
		sigexit(td, SIGILL);
	}

	/*
	 * Resume userland in the freebsd4 sigcode trampoline with the new
	 * frame as its stack, the trace flag cleared, and the 32-bit user
	 * code/stack selectors forced into the frame.  %ds/%es are loaded
	 * now and mirrored into the PCB so the context switch code keeps
	 * them.
	 */
	regs->tf_rsp = (uintptr_t)sfp;
	regs->tf_rip = FREEBSD32_PS_STRINGS - sz_freebsd4_ia32_sigcode;
	regs->tf_rflags &= ~PSL_T;
	regs->tf_cs = _ucode32sel;
	regs->tf_ss = _udatasel;
	load_ds(_udatasel);
	td->td_pcb->pcb_ds = _udatasel;
	load_es(_udatasel);
	td->td_pcb->pcb_es = _udatasel;
	/* leave user %fs and %gs untouched */
	PROC_LOCK(p);
	mtx_lock(&psp->ps_mtx);
}
#endif /* COMPAT_FREEBSD4 */

/*
 * Deliver signal `sig' (taken from ksi) to the current 32-bit thread by
 * pushing a struct ia32_sigframe onto the user stack and redirecting the
 * thread to the 32-bit sigcode trampoline, which calls `catcher' and then
 * freebsd32_sigreturn().  `mask' is the signal mask to restore at
 * sigreturn time.
 *
 * Signals whose handler was installed through the FreeBSD 4 interface
 * (psp->ps_freebsd4) are routed to freebsd4_ia32_sendsig() instead.
 *
 * Called with the proc lock and psp->ps_mtx held; both are released
 * around the copyout() and re-acquired before returning.
 */
void
ia32_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask)
{
	struct ia32_sigframe sf, *sfp;
	struct ia32_siginfo siginfo;
	struct proc *p;
	struct thread *td;
	struct sigacts *psp;
	char *sp;
	struct trapframe *regs;
	int oonstack;
	int sig;

	siginfo_to_ia32siginfo(&ksi->ksi_info, &siginfo);
	td = curthread;
	p = td->td_proc;
	PROC_LOCK_ASSERT(p, MA_OWNED);
	sig = siginfo.si_signo;
	psp = p->p_sigacts;
#ifdef COMPAT_FREEBSD4
	if (SIGISMEMBER(psp->ps_freebsd4, sig)) {
		freebsd4_ia32_sendsig(catcher, ksi, mask);
		return;
	}
#endif
	mtx_assert(&psp->ps_mtx, MA_OWNED);
	regs = td->td_frame;
	oonstack = sigonstack(regs->tf_rsp);

	/*
	 * Save user context.  The whole frame is zeroed first so that no
	 * unfilled field carries kernel stack contents out to userland.
	 */
	bzero(&sf, sizeof(sf));
	sf.sf_uc.uc_sigmask = *mask;
	sf.sf_uc.uc_stack.ss_sp = (uintptr_t)td->td_sigstk.ss_sp;
	sf.sf_uc.uc_stack.ss_size = td->td_sigstk.ss_size;
	sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK)
	    ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE;
	sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0;
	/* %fs/%gs/%es/%ds are read from the live registers, not the frame. */
	sf.sf_uc.uc_mcontext.mc_gs = rgs();
	sf.sf_uc.uc_mcontext.mc_fs = rfs();
	__asm __volatile("movl %%es,%0" : "=rm" (sf.sf_uc.uc_mcontext.mc_es));
	__asm __volatile("movl %%ds,%0" : "=rm" (sf.sf_uc.uc_mcontext.mc_ds));
	sf.sf_uc.uc_mcontext.mc_edi = regs->tf_rdi;
	sf.sf_uc.uc_mcontext.mc_esi = regs->tf_rsi;
	sf.sf_uc.uc_mcontext.mc_ebp = regs->tf_rbp;
	sf.sf_uc.uc_mcontext.mc_isp = regs->tf_rsp; /* XXX */
	sf.sf_uc.uc_mcontext.mc_ebx = regs->tf_rbx;
	sf.sf_uc.uc_mcontext.mc_edx = regs->tf_rdx;
	sf.sf_uc.uc_mcontext.mc_ecx = regs->tf_rcx;
	sf.sf_uc.uc_mcontext.mc_eax = regs->tf_rax;
	sf.sf_uc.uc_mcontext.mc_trapno = regs->tf_trapno;
	sf.sf_uc.uc_mcontext.mc_err = regs->tf_err;
	sf.sf_uc.uc_mcontext.mc_eip = regs->tf_rip;
	sf.sf_uc.uc_mcontext.mc_cs = regs->tf_cs;
	sf.sf_uc.uc_mcontext.mc_eflags = regs->tf_rflags;
	sf.sf_uc.uc_mcontext.mc_esp = regs->tf_rsp;
	sf.sf_uc.uc_mcontext.mc_ss = regs->tf_ss;
	sf.sf_uc.uc_mcontext.mc_len = sizeof(sf.sf_uc.uc_mcontext); /* magic */
	/*
	 * The FPU image now lives in the frame; the live state can be
	 * dropped and is reloaded from the frame by freebsd32_sigreturn()
	 * through ia32_set_fpcontext().
	 */
	ia32_get_fpcontext(td, &sf.sf_uc.uc_mcontext);
	fpstate_drop(td);

	/*
	 * Allocate space for the signal handler context: at the top of the
	 * alternate stack if one is enabled, not already in use, and
	 * requested for this signal; otherwise just below the current user
	 * stack pointer.
	 */
	if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack &&
	    SIGISMEMBER(psp->ps_sigonstack, sig)) {
		sp = td->td_sigstk.ss_sp +
		    td->td_sigstk.ss_size - sizeof(sf);
	} else
		sp = (char *)regs->tf_rsp - sizeof(sf);
	/* Align to 16 bytes. */
	sfp = (struct ia32_sigframe *)((uintptr_t)sp & ~0xF);
	PROC_UNLOCK(p);

	/* Translate the signal if appropriate. */
	if (p->p_sysent->sv_sigtbl && sig <= p->p_sysent->sv_sigsize)
		sig = p->p_sysent->sv_sigtbl[_SIG_IDX(sig)];

	/*
	 * Build the argument list for the signal handler.  Pointers into
	 * the frame refer to its final location on the user stack (sfp),
	 * not to the kernel copy being assembled.
	 */
	sf.sf_signum = sig;
	sf.sf_ucontext = (register_t)&sfp->sf_uc;
	if (SIGISMEMBER(psp->ps_siginfo, sig)) {
		/* Signal handler installed with SA_SIGINFO. */
		sf.sf_siginfo = (u_int32_t)(uintptr_t)&sfp->sf_si;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;

		/* Fill in POSIX parts */
		sf.sf_si = siginfo;
		sf.sf_si.si_signo = sig;
	} else {
		/* Old FreeBSD-style arguments. */
		sf.sf_siginfo = siginfo.si_code;
		sf.sf_addr = (u_int32_t)siginfo.si_addr;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;
	}
	/* ps_mtx is dropped before copyout(), which may sleep on a fault. */
	mtx_unlock(&psp->ps_mtx);

	/*
	 * Copy the sigframe out to the user's stack.  If the stack is not
	 * writable there is nowhere to deliver the signal, so the process
	 * is killed with SIGILL instead (sigexit() does not return).
	 */
	if (copyout(&sf, sfp, sizeof(*sfp)) != 0) {
#ifdef DEBUG
		printf("process %ld has trashed its stack\n", (long)p->p_pid);
#endif
		PROC_LOCK(p);
		sigexit(td, SIGILL);
	}

	/*
	 * Resume userland in the sysentvec's sigcode trampoline (placed
	 * just below FREEBSD32_PS_STRINGS) with the new frame as its stack,
	 * the trace flag cleared, and the 32-bit user code/stack selectors
	 * forced into the frame.  %ds/%es are loaded now and mirrored into
	 * the PCB so the context switch code keeps them.
	 */
	regs->tf_rsp = (uintptr_t)sfp;
	regs->tf_rip = FREEBSD32_PS_STRINGS - *(p->p_sysent->sv_szsigcode);
	regs->tf_rflags &= ~PSL_T;
	regs->tf_cs = _ucode32sel;
	regs->tf_ss = _udatasel;
	load_ds(_udatasel);
	td->td_pcb->pcb_ds = _udatasel;
	load_es(_udatasel);
	td->td_pcb->pcb_es = _udatasel;
	/* leave user %fs and %gs untouched */
	PROC_LOCK(p);
	mtx_lock(&psp->ps_mtx);
}

/*
 * System call to cleanup state after a signal
 * has been taken. Reset signal mask and
 * stack state from context left by sendsig (above).
 * Return to previous pc and psl as specified by
 * context left by sendsig. Check carefully to
 * make sure that the user has not modified the
 * state to gain improper privileges.
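 */
#ifdef COMPAT_FREEBSD4
/*
 * MPSAFE
 *
 * FreeBSD 4 flavour of freebsd32_sigreturn(): restores a
 * struct ia32_ucontext4, which carries no FPU image, so only the %eflags
 * and %cs checks apply before the frame is reloaded.
 *
 * The diagnostics use uprintf(), which reports to the process's
 * controlling terminal: every value checked here is under the control of
 * an unprivileged process, and a loop feeding bad frames to sigreturn()
 * must not be able to flood the console log.
 */
int
freebsd4_freebsd32_sigreturn(td, uap)
	struct thread *td;
	struct freebsd4_freebsd32_sigreturn_args /* {
		const struct freebsd4_freebsd32_ucontext *sigcntxp;
	} */ *uap;
{
	struct ia32_ucontext4 uc;
	struct proc *p = td->td_proc;
	struct trapframe *regs;
	const struct ia32_ucontext4 *ucp;
	int cs, eflags, error;
	ksiginfo_t ksi;

	error = copyin(uap->sigcntxp, &uc, sizeof(uc));
	if (error != 0)
		return (error);
	ucp = &uc;
	regs = td->td_frame;
	eflags = ucp->uc_mcontext.mc_eflags;
	/*
	 * Don't allow users to change privileged or reserved flags.
	 */
	/*
	 * XXX do allow users to change the privileged flag PSL_RF.
	 * The cpu sets PSL_RF in tf_eflags for faults.  Debuggers
	 * should sometimes set it there too.  tf_eflags is kept in
	 * the signal context during signal handling and there is no
	 * other place to remember it, so the PSL_RF bit may be
	 * corrupted by the signal handler without us knowing.
	 * Corruption of the PSL_RF bit at worst causes one more or
	 * one less debugger trap, so allowing it is fairly harmless.
	 */
	if (!EFL_SECURE(eflags & ~PSL_RF, regs->tf_rflags & ~PSL_RF)) {
		uprintf("freebsd4_freebsd32_sigreturn: eflags = 0x%x\n",
		    eflags);
		return (EINVAL);
	}

	/*
	 * Don't allow users to load a valid privileged %cs.  Let the
	 * hardware check for invalid selectors, excess privilege in
	 * other selectors, invalid %eip's and invalid %esp's.
	 */
	cs = ucp->uc_mcontext.mc_cs;
	if (!CS_SECURE(cs)) {
		uprintf("freebsd4_freebsd32_sigreturn: cs = 0x%x\n", cs);
		ksiginfo_init_trap(&ksi);
		ksi.ksi_signo = SIGBUS;
		ksi.ksi_code = BUS_OBJERR;
		ksi.ksi_trapno = T_PROTFLT;
		ksi.ksi_addr = (void *)regs->tf_rip;
		trapsignal(td, &ksi);
		return (EINVAL);
	}

	/* Segment selectors restored by sigtramp.S */
	regs->tf_rdi = ucp->uc_mcontext.mc_edi;
	regs->tf_rsi = ucp->uc_mcontext.mc_esi;
	regs->tf_rbp = ucp->uc_mcontext.mc_ebp;
	regs->tf_rbx = ucp->uc_mcontext.mc_ebx;
	regs->tf_rdx = ucp->uc_mcontext.mc_edx;
	regs->tf_rcx = ucp->uc_mcontext.mc_ecx;
	regs->tf_rax = ucp->uc_mcontext.mc_eax;
	regs->tf_trapno = ucp->uc_mcontext.mc_trapno;
	regs->tf_err = ucp->uc_mcontext.mc_err;
	regs->tf_rip = ucp->uc_mcontext.mc_eip;
	regs->tf_cs = cs;
	regs->tf_rflags = ucp->uc_mcontext.mc_eflags;
	regs->tf_rsp = ucp->uc_mcontext.mc_esp;
	regs->tf_ss = ucp->uc_mcontext.mc_ss;

	/* Restore the mask, never letting SIG_CANTMASK signals be blocked. */
	PROC_LOCK(p);
	td->td_sigmask = ucp->uc_sigmask;
	SIG_CANTMASK(td->td_sigmask);
	signotify(td);
	PROC_UNLOCK(p);
	return (EJUSTRETURN);
}
#endif /* COMPAT_FREEBSD4 */

/*
 * MPSAFE
 *
 * Restore the context saved by ia32_sendsig(): the general registers,
 * %eflags (user-changeable bits only), %cs (user privilege only), the
 * FPU image, and the signal mask.  Returns EJUSTRETURN on success so the
 * syscall return path leaves the reloaded frame alone; EINVAL, with a
 * SIGBUS for the %cs case, when the context fails a check; or the
 * copyin()/ia32_set_fpcontext() error.
 *
 * NOTE(review): unlike ia32_set_mcontext(), mc_len is not compared
 * against sizeof(struct ia32_mcontext) here, although sendsig() stores
 * it; a frame of the wrong layout is only caught indirectly by the
 * checks below.
 *
 * The diagnostics use uprintf(), which reports to the process's
 * controlling terminal: every value checked here is under the control of
 * an unprivileged process, and a loop feeding bad frames to sigreturn()
 * must not be able to flood the console log.
 */
int
freebsd32_sigreturn(td, uap)
	struct thread *td;
	struct freebsd32_sigreturn_args /* {
		const struct freebsd32_ucontext *sigcntxp;
	} */ *uap;
{
	struct ia32_ucontext uc;
	struct proc *p = td->td_proc;
	struct trapframe *regs;
	const struct ia32_ucontext *ucp;
	int cs, eflags, error, ret;
	ksiginfo_t ksi;

	error = copyin(uap->sigcntxp, &uc, sizeof(uc));
	if (error != 0)
		return (error);
	ucp = &uc;
	regs = td->td_frame;
	eflags = ucp->uc_mcontext.mc_eflags;
	/*
	 * Don't allow users to change privileged or reserved flags.
	 */
	/*
	 * XXX do allow users to change the privileged flag PSL_RF.
	 * The cpu sets PSL_RF in tf_eflags for faults.  Debuggers
	 * should sometimes set it there too.  tf_eflags is kept in
	 * the signal context during signal handling and there is no
	 * other place to remember it, so the PSL_RF bit may be
	 * corrupted by the signal handler without us knowing.
	 * Corruption of the PSL_RF bit at worst causes one more or
	 * one less debugger trap, so allowing it is fairly harmless.
	 */
	if (!EFL_SECURE(eflags & ~PSL_RF, regs->tf_rflags & ~PSL_RF)) {
		uprintf("freebsd32_sigreturn: eflags = 0x%x\n", eflags);
		return (EINVAL);
	}

	/*
	 * Don't allow users to load a valid privileged %cs.  Let the
	 * hardware check for invalid selectors, excess privilege in
	 * other selectors, invalid %eip's and invalid %esp's.
	 */
	cs = ucp->uc_mcontext.mc_cs;
	if (!CS_SECURE(cs)) {
		uprintf("freebsd32_sigreturn: cs = 0x%x\n", cs);
		ksiginfo_init_trap(&ksi);
		ksi.ksi_signo = SIGBUS;
		ksi.ksi_code = BUS_OBJERR;
		ksi.ksi_trapno = T_PROTFLT;
		ksi.ksi_addr = (void *)regs->tf_rip;
		trapsignal(td, &ksi);
		return (EINVAL);
	}

	/*
	 * Reload the FPU image before the frame is touched, so a rejected
	 * image leaves the caller's register context intact.
	 */
	ret = ia32_set_fpcontext(td, &ucp->uc_mcontext);
	if (ret != 0)
		return (ret);

	/* Segment selectors restored by sigtramp.S */
	regs->tf_rdi = ucp->uc_mcontext.mc_edi;
	regs->tf_rsi = ucp->uc_mcontext.mc_esi;
	regs->tf_rbp = ucp->uc_mcontext.mc_ebp;
	regs->tf_rbx = ucp->uc_mcontext.mc_ebx;
	regs->tf_rdx = ucp->uc_mcontext.mc_edx;
	regs->tf_rcx = ucp->uc_mcontext.mc_ecx;
	regs->tf_rax = ucp->uc_mcontext.mc_eax;
	regs->tf_trapno = ucp->uc_mcontext.mc_trapno;
	regs->tf_err = ucp->uc_mcontext.mc_err;
	regs->tf_rip = ucp->uc_mcontext.mc_eip;
	regs->tf_cs = cs;
	regs->tf_rflags = ucp->uc_mcontext.mc_eflags;
	regs->tf_rsp = ucp->uc_mcontext.mc_esp;
	regs->tf_ss = ucp->uc_mcontext.mc_ss;

	/* Restore the mask, never letting SIG_CANTMASK signals be blocked. */
	PROC_LOCK(p);
	td->td_sigmask = ucp->uc_sigmask;
	SIG_CANTMASK(td->td_sigmask);
	signotify(td);
	PROC_UNLOCK(p);
	return (EJUSTRETURN);
}

/*
 * Clear registers on exec
 */
void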
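ia32_setregs(td, entry, stack, ps_strings)
	struct thread *td;
	u_long entry;
	u_long stack;
	u_long ps_strings;
{
	struct trapframe *regs = td->td_frame;
	struct pcb *pcb = td->td_pcb;
	register_t saved_rflags;

	/*
	 * Reset the segment bases and selectors to the flat 32-bit user
	 * data segment; the new image must not inherit the old one's TLS
	 * or segment setup.
	 */
	wrmsr(MSR_FSBASE, 0);
	wrmsr(MSR_KGSBASE, 0);	/* User value while we're in the kernel */
	pcb->pcb_fsbase = 0;
	pcb->pcb_gsbase = 0;
	load_ds(_udatasel);
	load_es(_udatasel);
	load_fs(_udatasel);
	load_gs(_udatasel);
	pcb->pcb_ds = _udatasel;
	pcb->pcb_es = _udatasel;
	pcb->pcb_fs = _udatasel;
	pcb->pcb_gs = _udatasel;

	/*
	 * Capture the trace flag before the frame is wiped.  The original
	 * code read tf_rflags after the bzero() below, which always yielded
	 * zero and silently dropped single-step tracing across exec.
	 */
	saved_rflags = regs->tf_rflags & PSL_T;
	bzero((char *)regs, sizeof(struct trapframe));
	regs->tf_rip = entry;
	regs->tf_rsp = stack;
	regs->tf_rflags = PSL_USER | saved_rflags;
	regs->tf_ss = _udatasel;
	regs->tf_cs = _ucode32sel;
	regs->tf_rbx = ps_strings;
	/* Discard the old image's FPU state; the first FPU use will trap. */
	load_cr0(rcr0() | CR0_MP | CR0_TS);
	fpstate_drop(td);

	/* Return via doreti so that we can change to a different %cs */
	pcb->pcb_flags |= PCB_FULLCTX;
	td->td_retval[1] = 0;
}

/*
 * Convert a native siginfo_t into the 32-bit layout handed to ia32
 * signal handlers.
 *
 * The destination is zeroed first so that any field this function does
 * not fill, and any padding, never carries kernel stack contents out to
 * userland -- both sendsig() variants pass an uninitialized stack
 * variable and copy the result into the user frame.
 *
 * si_addr is a pointer in the native structure and an integer in the
 * 32-bit one, so it is narrowed through uintptr_t; the fault address of
 * a 32-bit process is expected to fit.  The original code assigned
 * dst->si_addr to itself, so the field was never filled in.
 */
void
siginfo_to_ia32siginfo(siginfo_t *src, struct ia32_siginfo *dst)
{
	bzero(dst, sizeof(*dst));
	dst->si_signo = src->si_signo;
	dst->si_errno = src->si_errno;
	dst->si_code = src->si_code;
	dst->si_pid = src->si_pid;
	dst->si_uid = src->si_uid;
	dst->si_status = src->si_status;
	dst->si_addr = (u_int32_t)(uintptr_t)src->si_addr;
	dst->si_value.sigval_int = src->si_value.sival_int;
	dst->si_band = src->si_band;
	dst->si_trapno = src->si_trapno;
	dst->si_timerid = src->si_timerid;
	dst->si_overrun = src->si_overrun;
}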