Page MenuHomeFreeBSD
Files F109720576

D23497.diff
No OneTemporary
Actions

D23497.diff
View Options

Index: head/sys/powerpc/aim/aim_machdep.c
===================================================================
--- head/sys/powerpc/aim/aim_machdep.c
+++ head/sys/powerpc/aim/aim_machdep.c
@@ -251,8 +251,25 @@
psl_userset32 = psl_userset & ~PSL_SF;
#endif
- /* Bits that users aren't allowed to change */
- psl_userstatic = ~(PSL_VEC | PSL_FP | PSL_FE0 | PSL_FE1);
+ /*
+ * Zeroed bits in this variable signify that the value of the bit
+ * in its position is allowed to vary between userspace contexts.
+ *
+ * All other bits are required to be identical for every userspace
+ * context. The actual *value* of the bit is determined by
+ * psl_userset and/or psl_userset32, and is not allowed to change.
+ *
+ * Remember to update this set when implementing support for
+ * *conditionally* enabling a processor facility. Failing to do
+ * this will cause swapcontext() in userspace to break when a
+ * process uses a conditionally-enabled facility.
+ *
+ * When *unconditionally* implementing support for a processor
+ * facility, update psl_userset / psl_userset32 instead.
+ *
+ * See the access control check in set_mcontext().
+ */
+ psl_userstatic = ~(PSL_VSX | PSL_VEC | PSL_FP | PSL_FE0 | PSL_FE1);
/*
* Mask bits from the SRR1 that aren't really the MSR:
* Bits 1-4, 10-15 (ppc32), 33-36, 42-47 (ppc64)
Index: head/sys/powerpc/booke/booke_machdep.c
===================================================================
--- head/sys/powerpc/booke/booke_machdep.c
+++ head/sys/powerpc/booke/booke_machdep.c
@@ -222,6 +222,24 @@
#ifdef __powerpc64__
psl_userset32 = psl_userset & ~PSL_CM;
#endif
+ /*
+ * Zeroed bits in this variable signify that the value of the bit
+ * in its position is allowed to vary between userspace contexts.
+ *
+ * All other bits are required to be identical for every userspace
+ * context. The actual *value* of the bit is determined by
+ * psl_userset and/or psl_userset32, and is not allowed to change.
+ *
+ * Remember to update this set when implementing support for
+ * *conditionally* enabling a processor facility. Failing to do
+ * this will cause swapcontext() in userspace to break when a
+ * process uses a conditionally-enabled facility.
+ *
+ * When *unconditionally* implementing support for a processor
+ * facility, update psl_userset / psl_userset32 instead.
+ *
+ * See the access control check in set_mcontext().
+ */
psl_userstatic = ~(PSL_VEC | PSL_FP | PSL_FE0 | PSL_FE1);
pmap_mmu_install(MMU_TYPE_BOOKE, BUS_PROBE_GENERIC);
Index: head/sys/powerpc/powerpc/exec_machdep.c
===================================================================
--- head/sys/powerpc/powerpc/exec_machdep.c
+++ head/sys/powerpc/powerpc/exec_machdep.c
@@ -463,7 +463,17 @@
return (EINVAL);
/*
- * Don't let the user set privileged MSR bits
+ * Don't let the user change privileged MSR bits.
+ *
+ * psl_userstatic is used here to mask off any bits that can
+ * legitimately vary between user contexts (Floating point
+ * exception control and any facilities that we are using the
+ * "enable on first use" pattern with.)
+ *
+ * All other bits are required to match psl_userset(32).
+ *
+ * Remember to update the platform cpu_init code when implementing
+ * support for a new conditional facility!
*/
if ((mcp->mc_srr1 & psl_userstatic) != (tf->srr1 & psl_userstatic)) {
return (EINVAL);
@@ -480,9 +490,19 @@
else
tf->fixreg[2] = tls;
- /* Disable FPU */
- tf->srr1 &= ~PSL_FP;
- pcb->pcb_flags &= ~PCB_FPU;
+ /*
+ * Force the FPU back off to ensure the new context will not bypass
+ * the enable_fpu() setup code accidentally.
+ *
+ * This prevents an issue where a process that uses floating point
+ * inside a signal handler could end up in a state where the MSR
+ * did not match pcb_flags.
+ *
+ * Additionally, ensure VSX is disabled as well, as it is illegal
+ * to leave it turned on when FP or VEC are off.
+ */
+ tf->srr1 &= ~(PSL_FP | PSL_VSX);
+ pcb->pcb_flags &= ~(PCB_FPU | PCB_VSX);
if (mcp->mc_flags & _MC_FP_VALID) {
/* enable_fpu() will happen lazily on a fault */

File Metadata

Mime Type
text/plain
Expires
Sun, Feb 9, 5:44 PM (21 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
16559776
Default Alt Text
D23497.diff (4 KB)

Event Timeline