1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2003 Peter Wemm 5 * Copyright (c) 1982, 1987, 1990 The Regents of the University of California. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to Berkeley by 9 * William Jolitz. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 
*/

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");

#include <sys/param.h>
#include <sys/exec.h>
#include <sys/fcntl.h>
#include <sys/imgact.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mutex.h>
#include <sys/mman.h>
#include <sys/namei.h>
#include <sys/proc.h>
#include <sys/procfs.h>
#include <sys/resourcevar.h>
#include <sys/systm.h>
#include <sys/signalvar.h>
#include <sys/stat.h>
#include <sys/sx.h>
#include <sys/syscall.h>
#include <sys/syscallsubr.h>
#include <sys/sysctl.h>
#include <sys/sysent.h>
#include <sys/vnode.h>

#include <vm/vm.h>
#include <vm/vm_kern.h>
#include <vm/vm_param.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>
#include <vm/vm_object.h>
#include <vm/vm_extern.h>

#include <compat/freebsd32/freebsd32_signal.h>
#include <compat/freebsd32/freebsd32_util.h>
#include <compat/freebsd32/freebsd32_proto.h>
#include <compat/freebsd32/freebsd32.h>
#include <compat/ia32/ia32_signal.h>
#include <machine/psl.h>
#include <machine/segments.h>
#include <machine/specialreg.h>
#include <machine/frame.h>
#include <machine/md_var.h>
#include <machine/pcb.h>
#include <machine/cpufunc.h>
#include <machine/trap.h>

#ifdef COMPAT_FREEBSD4
static void freebsd4_ia32_sendsig(sig_t, ksiginfo_t *, sigset_t *);
#endif

/*
 * Capture the FPU part of a 32-bit machine context from td's user FPU
 * save area.
 *
 * mc_ownedfp, mc_fpstate and mc_fpformat are always written.  When
 * xfpusave is non-NULL the caller also wants the extended (XSAVE) state
 * that follows the legacy savefpu area: *xfpusave is then set to point at
 * that kernel memory and *xfpusave_len to its size, and mc_flags /
 * mc_xfpustate_len in the context are updated to match.  When there is
 * no extended state (XSAVE not in use, or nothing beyond the legacy area)
 * both outputs are zeroed and the context is left without the
 * _MC_IA32_HASFPXSTATE flag.
 *
 * The returned pointer is into kernel memory; the caller is responsible
 * for copying it out to the user stack (see ia32_sendsig()).
 */
static void
ia32_get_fpcontext(struct thread *td, struct ia32_mcontext *mcp,
    char **xfpusave, size_t *xfpusave_len)
{
	/*
	 * XXX Format of 64bit and 32bit FXSAVE areas differs. FXSAVE
	 * in 32bit mode saves %cs and %ds, while on 64bit it saves
	 * 64bit instruction and data pointers. Ignore the difference
	 * for now, it should be irrelevant for most applications.
	 */
	mcp->mc_ownedfp = fpugetregs(td);
	/*
	 * NOTE(review): copies sizeof(mc_fpstate) bytes out of the user
	 * save area; this relies on mc_fpstate being no larger than the
	 * legacy savefpu area -- verify against the struct definitions.
	 */
	bcopy(get_pcb_user_save_td(td), &mcp->mc_fpstate[0],
	    sizeof(mcp->mc_fpstate));
	mcp->mc_fpformat = fpuformat();
	if (xfpusave == NULL)
		return;
	if (!use_xsave || cpu_max_ext_state_size <= sizeof(struct savefpu)) {
		*xfpusave_len = 0;
		*xfpusave = NULL;
	} else {
		mcp->mc_flags |= _MC_IA32_HASFPXSTATE;
		*xfpusave_len = mcp->mc_xfpustate_len =
		    cpu_max_ext_state_size - sizeof(struct savefpu);
		/* The extended state lives directly after the legacy area. */
		*xfpusave = (char *)(get_pcb_user_save_td(td) + 1);
	}
}

/*
 * Install the FPU part of a user-supplied 32-bit machine context.
 *
 * mcp was copied in from user memory by the caller, so every field is
 * untrusted: only the _MC_FPFMT_XMM format is accepted, and mc_ownedfp
 * must be one of the three known owner values.  xfpustate/xfpustate_len
 * describe an optional extended-state buffer that the caller has already
 * bounds-checked against cpu_max_ext_state_size and copied into kernel
 * memory (NULL/0 when absent).
 *
 * Returns 0 on success or when the context carries no FPU state at all
 * (_MC_FPFMT_NODEV), EINVAL for an unknown format or owner value, or
 * whatever fpusetregs() returns.
 */
static int
ia32_set_fpcontext(struct thread *td, struct ia32_mcontext *mcp,
    char *xfpustate, size_t xfpustate_len)
{
	int error;

	if (mcp->mc_fpformat == _MC_FPFMT_NODEV)
		return (0);
	else if (mcp->mc_fpformat != _MC_FPFMT_XMM)
		return (EINVAL);
	else if (mcp->mc_ownedfp == _MC_FPOWNED_NONE) {
		/* We don't care what state is left in the FPU or PCB. */
		fpstate_drop(td);
		error = 0;
	} else if (mcp->mc_ownedfp == _MC_FPOWNED_FPU ||
	    mcp->mc_ownedfp == _MC_FPOWNED_PCB) {
		/*
		 * mc_fpstate is handed to the 64-bit FPU code as a
		 * struct savefpu; see the layout caveat in
		 * ia32_get_fpcontext().
		 */
		error = fpusetregs(td, (struct savefpu *)&mcp->mc_fpstate,
		    xfpustate, xfpustate_len);
	} else
		return (EINVAL);
	return (error);
}

/*
 * Get machine context.
 *
 * Fill mcp from td's trap frame and PCB.  With GET_MC_CLEAR_RET the saved
 * %eax/%edx are zeroed and the carry flag cleared, presumably so that a
 * later setcontext() to this context reads as a successful system call
 * return (the getcontext/swapcontext callers pass it).  The FPU state is
 * captured without the extended XSAVE area; mc_xfpustate and
 * mc_xfpustate_len are explicitly zeroed and the spare words cleared so
 * that no uninitialized kernel stack bytes end up in the context that is
 * later copied out.  Always returns 0.
 */
static int
ia32_get_mcontext(struct thread *td, struct ia32_mcontext *mcp, int flags)
{
	struct pcb *pcb;
	struct trapframe *tp;

	pcb = td->td_pcb;
	tp = td->td_frame;

	/*
	 * NOTE(review): this locks curthread's process rather than td's;
	 * equivalent as long as every caller passes td == curthread.
	 */
	PROC_LOCK(curthread->td_proc);
	mcp->mc_onstack = sigonstack(tp->tf_rsp);
	PROC_UNLOCK(curthread->td_proc);
	/* Entry into kernel always sets TF_HASSEGS */
	mcp->mc_gs = tp->tf_gs;
	mcp->mc_fs = tp->tf_fs;
	mcp->mc_es = tp->tf_es;
	mcp->mc_ds = tp->tf_ds;
	mcp->mc_edi = tp->tf_rdi;
	mcp->mc_esi = tp->tf_rsi;
	mcp->mc_ebp = tp->tf_rbp;
	mcp->mc_isp = tp->tf_rsp;
	mcp->mc_eflags = tp->tf_rflags;
	if (flags & GET_MC_CLEAR_RET) {
		mcp->mc_eax = 0;
		mcp->mc_edx = 0;
		mcp->mc_eflags &= ~PSL_C;
	} else {
		mcp->mc_eax = tp->tf_rax;
		mcp->mc_edx = tp->tf_rdx;
	}
	mcp->mc_ebx = tp->tf_rbx;
	mcp->mc_ecx = tp->tf_rcx;
	mcp->mc_eip = tp->tf_rip;
	mcp->mc_cs = tp->tf_cs;
	mcp->mc_esp = tp->tf_rsp;
	mcp->mc_ss = tp->tf_ss;
	mcp->mc_len = sizeof(*mcp);
	mcp->mc_flags = tp->tf_flags;
	/* No extended-state request: xfpusave == NULL. */
	ia32_get_fpcontext(td, mcp, NULL, 0);
	mcp->mc_fsbase = pcb->pcb_fsbase;
	mcp->mc_gsbase = pcb->pcb_gsbase;
	mcp->mc_xfpustate = 0;
	mcp->mc_xfpustate_len = 0;
	bzero(mcp->mc_spare2, sizeof(mcp->mc_spare2));
	return (0);
}

/*
 * Set machine context.
 *
 * However, we don't set any but the user modifiable flags, and we won't
 * touch the cs selector.
 *
 * mcp is user-supplied (copied in by setcontext()/swapcontext()).  It is
 * validated as follows: mc_len must match; %eflags is merged so that only
 * the PSL_USERCHANGE bits come from the context; %cs is left as it is;
 * and an extended FPU state buffer is accepted only if its length fits in
 * cpu_max_ext_state_size.  The other segment selectors, %eip and %esp are
 * taken verbatim -- PCB_FULL_IRET forces the return to user mode through
 * a full iret, where the hardware rejects invalid selectors (see the
 * comment in freebsd32_sigreturn()).  The trap frame is only modified
 * after the FPU context has been accepted, so a rejected context leaves
 * the thread's registers untouched.
 *
 * Returns 0, EINVAL on a malformed context, or a copyin()/fpusetregs()
 * error.
 */
static int
ia32_set_mcontext(struct thread *td, struct ia32_mcontext *mcp)
{
	struct trapframe *tp;
	char *xfpustate;
	long rflags;
	int ret;

	tp = td->td_frame;
	if (mcp->mc_len != sizeof(*mcp))
		return (EINVAL);
	rflags = (mcp->mc_eflags & PSL_USERCHANGE) |
	    (tp->tf_rflags & ~PSL_USERCHANGE);
	if (mcp->mc_flags & _MC_IA32_HASFPXSTATE) {
		/* Bound the user length before allocating and copying. */
		if (mcp->mc_xfpustate_len > cpu_max_ext_state_size -
		    sizeof(struct savefpu))
			return (EINVAL);
		xfpustate = (char *)fpu_save_area_alloc();
		ret = copyin(PTRIN(mcp->mc_xfpustate), xfpustate,
		    mcp->mc_xfpustate_len);
		if (ret != 0) {
			fpu_save_area_free((struct savefpu *)xfpustate);
			return (ret);
		}
	} else
		xfpustate = NULL;
	/*
	 * NOTE(review): mc_xfpustate_len is passed through even when no
	 * extended state was supplied (xfpustate == NULL), whereas
	 * freebsd32_sigreturn() passes 0 in that case.  fpusetregs() is
	 * expected to ignore the length for a NULL buffer -- verify.
	 * fpu_save_area_free() is likewise called with NULL here and in
	 * freebsd32_sigreturn(), so it must tolerate that.
	 */
	ret = ia32_set_fpcontext(td, mcp, xfpustate, mcp->mc_xfpustate_len);
	fpu_save_area_free((struct savefpu *)xfpustate);
	if (ret != 0)
		return (ret);
	tp->tf_gs = mcp->mc_gs;
	tp->tf_fs = mcp->mc_fs;
	tp->tf_es = mcp->mc_es;
	tp->tf_ds = mcp->mc_ds;
	tp->tf_flags = TF_HASSEGS;
	tp->tf_rdi = mcp->mc_edi;
	tp->tf_rsi = mcp->mc_esi;
	tp->tf_rbp = mcp->mc_ebp;
	tp->tf_rbx = mcp->mc_ebx;
	tp->tf_rdx = mcp->mc_edx;
	tp->tf_rcx = mcp->mc_ecx;
	tp->tf_rax = mcp->mc_eax;
	/* trapno, err */
	tp->tf_rip = mcp->mc_eip;
	tp->tf_rflags = rflags;
	tp->tf_rsp = mcp->mc_esp;
	tp->tf_ss = mcp->mc_ss;
	set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
	return (0);
}

/*
 * The first two fields of a ucontext_t are the signal mask and
 * the machine context.  The next field is uc_link; we want to
 * avoid destroying the link when copying out contexts.
*/
#define UC_COPY_SIZE offsetof(struct ia32_ucontext, uc_link)

/*
 * Build the current thread's 32-bit ucontext (machine context with the
 * return registers cleared, plus the signal mask) and copy the first
 * UC_COPY_SIZE bytes of it out to the user pointer oucp.  The kernel copy
 * is zeroed first so that nothing uninitialized reaches user space.
 * Returns 0 or the copyout() error.
 */
static int
ia32_store_ucontext(struct thread *td, void *oucp)
{
	struct ia32_ucontext ctx;

	bzero(&ctx, sizeof(ctx));
	ia32_get_mcontext(td, &ctx.uc_mcontext, GET_MC_CLEAR_RET);
	PROC_LOCK(td->td_proc);
	ctx.uc_sigmask = td->td_sigmask;
	PROC_UNLOCK(td->td_proc);
	return (copyout(&ctx, oucp, UC_COPY_SIZE));
}

/*
 * Copy UC_COPY_SIZE bytes of a 32-bit ucontext in from the user pointer
 * ucp, install its (untrusted, validated by ia32_set_mcontext()) machine
 * context and, only once that has been accepted, its signal mask.
 * Returns 0 or the first error encountered.
 */
static int
ia32_load_ucontext(struct thread *td, const void *ucp)
{
	struct ia32_ucontext ctx;
	int error;

	error = copyin(ucp, &ctx, UC_COPY_SIZE);
	if (error != 0)
		return (error);
	error = ia32_set_mcontext(td, &ctx.uc_mcontext);
	if (error != 0)
		return (error);
	kern_sigprocmask(td, SIG_SETMASK, &ctx.uc_sigmask, NULL, 0);
	return (0);
}

/*
 * getcontext(2) for 32-bit processes: store the calling thread's context
 * at uap->ucp.  A NULL pointer is rejected with EINVAL.
 */
int
freebsd32_getcontext(struct thread *td, struct freebsd32_getcontext_args *uap)
{

	if (uap->ucp == NULL)
		return (EINVAL);
	return (ia32_store_ucontext(td, uap->ucp));
}

/*
 * setcontext(2) for 32-bit processes: resume the context at uap->ucp.
 * On success EJUSTRETURN is returned so the syscall return path leaves
 * the freshly installed registers alone; a NULL pointer yields EINVAL.
 */
int
freebsd32_setcontext(struct thread *td, struct freebsd32_setcontext_args *uap)
{
	int error;

	if (uap->ucp == NULL)
		return (EINVAL);
	error = ia32_load_ucontext(td, uap->ucp);
	return (error == 0 ? EJUSTRETURN : error);
}

/*
 * swapcontext(2) for 32-bit processes: save the current context to
 * uap->oucp, then resume the one at uap->ucp.  The new context is only
 * loaded if the old one was stored successfully.  Returns EJUSTRETURN on
 * success, EINVAL for a NULL pointer, or the first copy/validation error.
 */
int
freebsd32_swapcontext(struct thread *td, struct freebsd32_swapcontext_args *uap)
{
	int error;

	if (uap->oucp == NULL || uap->ucp == NULL)
		return (EINVAL);
	error = ia32_store_ucontext(td, uap->oucp);
	if (error == 0)
		error = ia32_load_ucontext(td, uap->ucp);
	return (error == 0 ? EJUSTRETURN : error);
}

/*
 * Send an interrupt to process.
 *
 * Stack is set up to allow sigcode stored
 * at top to call routine, followed by kcall
 * to sigreturn routine below.
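* After sigreturn
 * resets the signal mask, the stack, and the
 * frame pointer, it returns to the user
 * specified pc, psl.
 *
 * All three variants below run with the process lock and the sigacts
 * mutex held by the caller; both are dropped around the copyout() to the
 * user stack and re-taken before returning.  If the frame cannot be
 * written the process is killed with SIGILL via sigexit(), which is not
 * expected to return.
 */

#ifdef COMPAT_43
/*
 * COMPAT_43 frame layout (struct ia32_sigframe3 / osigreturn()).
 *
 * The frame is zeroed before any field is filled, as the two newer
 * variants already do, so that padding or any field a future change
 * forgets to set cannot carry kernel stack bytes to user space.  When
 * the handler runs on the alternate stack, SS_ONSTACK is recorded in
 * td_sigstk here and cleared again by ofreebsd32_sigreturn().
 */
static void
ia32_osendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask)
{
	struct ia32_sigframe3 sf, *fp;
	struct proc *p;
	struct thread *td;
	struct sigacts *psp;
	struct trapframe *regs;
	int sig;
	int oonstack;

	td = curthread;
	p = td->td_proc;
	PROC_LOCK_ASSERT(p, MA_OWNED);
	sig = ksi->ksi_signo;
	psp = p->p_sigacts;
	mtx_assert(&psp->ps_mtx, MA_OWNED);
	regs = td->td_frame;
	oonstack = sigonstack(regs->tf_rsp);

	/* Never copy out uninitialized kernel stack to the user. */
	bzero(&sf, sizeof(sf));

	/* Allocate space for the signal handler context. */
	if ((td->td_pflags & TDP_ALTSTACK) && !oonstack &&
	    SIGISMEMBER(psp->ps_sigonstack, sig)) {
		fp = (struct ia32_sigframe3 *)((uintptr_t)td->td_sigstk.ss_sp +
		    td->td_sigstk.ss_size - sizeof(sf));
		td->td_sigstk.ss_flags |= SS_ONSTACK;
	} else
		fp = (struct ia32_sigframe3 *)regs->tf_rsp - 1;

	/* Build the argument list for the signal handler. */
	sf.sf_signum = sig;
	sf.sf_scp = (register_t)&fp->sf_siginfo.si_sc;
	if (SIGISMEMBER(psp->ps_siginfo, sig)) {
		/* Signal handler installed with SA_SIGINFO. */
		sf.sf_arg2 = (register_t)&fp->sf_siginfo;
		sf.sf_siginfo.si_signo = sig;
		sf.sf_siginfo.si_code = ksi->ksi_code;
		sf.sf_ah = (uintptr_t)catcher;
		sf.sf_addr = 0;
	} else {
		/* Old FreeBSD-style arguments. */
		sf.sf_arg2 = ksi->ksi_code;
		sf.sf_addr = (register_t)ksi->ksi_addr;
		sf.sf_ah = (uintptr_t)catcher;
	}
	mtx_unlock(&psp->ps_mtx);
	PROC_UNLOCK(p);

	/* Save most if not all of trap frame. */
	sf.sf_siginfo.si_sc.sc_eax = regs->tf_rax;
	sf.sf_siginfo.si_sc.sc_ebx = regs->tf_rbx;
	sf.sf_siginfo.si_sc.sc_ecx = regs->tf_rcx;
	sf.sf_siginfo.si_sc.sc_edx = regs->tf_rdx;
	sf.sf_siginfo.si_sc.sc_esi = regs->tf_rsi;
	sf.sf_siginfo.si_sc.sc_edi = regs->tf_rdi;
	sf.sf_siginfo.si_sc.sc_cs = regs->tf_cs;
	sf.sf_siginfo.si_sc.sc_ds = regs->tf_ds;
	sf.sf_siginfo.si_sc.sc_ss = regs->tf_ss;
	sf.sf_siginfo.si_sc.sc_es = regs->tf_es;
	sf.sf_siginfo.si_sc.sc_fs = regs->tf_fs;
	sf.sf_siginfo.si_sc.sc_gs = regs->tf_gs;
	sf.sf_siginfo.si_sc.sc_isp = regs->tf_rsp;

	/* Build the signal context to be used by osigreturn(). */
	sf.sf_siginfo.si_sc.sc_onstack = (oonstack) ? 1 : 0;
	SIG2OSIG(*mask, sf.sf_siginfo.si_sc.sc_mask);
	sf.sf_siginfo.si_sc.sc_esp = regs->tf_rsp;
	sf.sf_siginfo.si_sc.sc_ebp = regs->tf_rbp;
	sf.sf_siginfo.si_sc.sc_eip = regs->tf_rip;
	sf.sf_siginfo.si_sc.sc_eflags = regs->tf_rflags;
	sf.sf_siginfo.si_sc.sc_trapno = regs->tf_trapno;
	sf.sf_siginfo.si_sc.sc_err = regs->tf_err;

	/*
	 * Copy the sigframe out to the user's stack.
	 */
	if (copyout(&sf, fp, sizeof(*fp)) != 0) {
#ifdef DEBUG
		printf("process %ld has trashed its stack\n", (long)p->p_pid);
#endif
		PROC_LOCK(p);
		sigexit(td, SIGILL);
	}

	/*
	 * Enter the handler through the old trampoline, which sits just
	 * below the ps_strings area, with single-step and direction flags
	 * cleared and flat user selectors loaded.  Unlike the newer
	 * variants this also reloads %fs (but not %gs); kept as is.
	 */
	regs->tf_rsp = (uintptr_t)fp;
	regs->tf_rip = p->p_sysent->sv_psstrings - sz_ia32_osigcode;
	regs->tf_rflags &= ~(PSL_T | PSL_D);
	regs->tf_cs = _ucode32sel;
	regs->tf_ds = _udatasel;
	regs->tf_es = _udatasel;
	regs->tf_fs = _udatasel;
	regs->tf_ss = _udatasel;
	set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
	PROC_LOCK(p);
	mtx_lock(&psp->ps_mtx);
}
#endif

#ifdef COMPAT_FREEBSD4
/*
 * COMPAT_FREEBSD4 frame layout (struct ia32_sigframe4 /
 * freebsd4_freebsd32_sigreturn()).  Carries a ucontext without FPU
 * state (mc_fpregs is zeroed) and without the mc_len magic of the
 * current layout.  The frame is fully zeroed before use.
 */
static void
freebsd4_ia32_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask)
{
	struct ia32_sigframe4 sf, *sfp;
	struct siginfo32 siginfo;
	struct proc *p;
	struct thread *td;
	struct sigacts *psp;
	struct trapframe *regs;
	int oonstack;
	int sig;

	td = curthread;
	p = td->td_proc;
	siginfo_to_siginfo32(&ksi->ksi_info, &siginfo);

	PROC_LOCK_ASSERT(p, MA_OWNED);
	sig = siginfo.si_signo;
	psp = p->p_sigacts;
	mtx_assert(&psp->ps_mtx, MA_OWNED);
	regs = td->td_frame;
	oonstack = sigonstack(regs->tf_rsp);

	/* Save user context. */
	bzero(&sf, sizeof(sf));
	sf.sf_uc.uc_sigmask = *mask;
	sf.sf_uc.uc_stack.ss_sp = (uintptr_t)td->td_sigstk.ss_sp;
	sf.sf_uc.uc_stack.ss_size = td->td_sigstk.ss_size;
	sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK)
	    ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE;
	sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0;
	sf.sf_uc.uc_mcontext.mc_edi = regs->tf_rdi;
	sf.sf_uc.uc_mcontext.mc_esi = regs->tf_rsi;
	sf.sf_uc.uc_mcontext.mc_ebp = regs->tf_rbp;
	sf.sf_uc.uc_mcontext.mc_isp = regs->tf_rsp; /* XXX */
	sf.sf_uc.uc_mcontext.mc_ebx = regs->tf_rbx;
	sf.sf_uc.uc_mcontext.mc_edx = regs->tf_rdx;
	sf.sf_uc.uc_mcontext.mc_ecx = regs->tf_rcx;
	sf.sf_uc.uc_mcontext.mc_eax = regs->tf_rax;
	sf.sf_uc.uc_mcontext.mc_trapno = regs->tf_trapno;
	sf.sf_uc.uc_mcontext.mc_err = regs->tf_err;
	sf.sf_uc.uc_mcontext.mc_eip = regs->tf_rip;
	sf.sf_uc.uc_mcontext.mc_cs = regs->tf_cs;
	sf.sf_uc.uc_mcontext.mc_eflags = regs->tf_rflags;
	sf.sf_uc.uc_mcontext.mc_esp = regs->tf_rsp;
	sf.sf_uc.uc_mcontext.mc_ss = regs->tf_ss;
	sf.sf_uc.uc_mcontext.mc_ds = regs->tf_ds;
	sf.sf_uc.uc_mcontext.mc_es = regs->tf_es;
	sf.sf_uc.uc_mcontext.mc_fs = regs->tf_fs;
	sf.sf_uc.uc_mcontext.mc_gs = regs->tf_gs;
	bzero(sf.sf_uc.uc_mcontext.mc_fpregs,
	    sizeof(sf.sf_uc.uc_mcontext.mc_fpregs));
	bzero(sf.sf_uc.uc_mcontext.__spare__,
	    sizeof(sf.sf_uc.uc_mcontext.__spare__));
	bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__));

	/* Allocate space for the signal handler context. */
	if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack &&
	    SIGISMEMBER(psp->ps_sigonstack, sig)) {
		sfp = (struct ia32_sigframe4 *)((uintptr_t)td->td_sigstk.ss_sp +
		    td->td_sigstk.ss_size - sizeof(sf));
	} else
		sfp = (struct ia32_sigframe4 *)regs->tf_rsp - 1;
	PROC_UNLOCK(p);

	/* Build the argument list for the signal handler. */
	sf.sf_signum = sig;
	sf.sf_ucontext = (register_t)&sfp->sf_uc;
	bzero(&sf.sf_si, sizeof(sf.sf_si));
	if (SIGISMEMBER(psp->ps_siginfo, sig)) {
		/* Signal handler installed with SA_SIGINFO. */
		sf.sf_siginfo = (u_int32_t)(uintptr_t)&sfp->sf_si;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;

		/* Fill in POSIX parts */
		sf.sf_si = siginfo;
		sf.sf_si.si_signo = sig;
	} else {
		/* Old FreeBSD-style arguments. */
		sf.sf_siginfo = siginfo.si_code;
		sf.sf_addr = (u_int32_t)siginfo.si_addr;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;
	}
	mtx_unlock(&psp->ps_mtx);

	/*
	 * Copy the sigframe out to the user's stack.
	 */
	if (copyout(&sf, sfp, sizeof(*sfp)) != 0) {
#ifdef DEBUG
		printf("process %ld has trashed its stack\n", (long)p->p_pid);
#endif
		PROC_LOCK(p);
		sigexit(td, SIGILL);
	}

	/*
	 * The FreeBSD 4 trampoline is placed at the end of the sigcode
	 * area, hence the offset from sv_sigcode_base.
	 */
	regs->tf_rsp = (uintptr_t)sfp;
	regs->tf_rip = p->p_sysent->sv_sigcode_base + sz_ia32_sigcode -
	    sz_freebsd4_ia32_sigcode;
	regs->tf_rflags &= ~(PSL_T | PSL_D);
	regs->tf_cs = _ucode32sel;
	regs->tf_ss = _udatasel;
	regs->tf_ds = _udatasel;
	regs->tf_es = _udatasel;
	set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
	/* leave user %fs and %gs untouched */
	PROC_LOCK(p);
	mtx_lock(&psp->ps_mtx);
}
#endif /* COMPAT_FREEBSD4 */

/*
 * Current frame layout (struct ia32_sigframe / freebsd32_sigreturn()).
 *
 * Dispatches to the COMPAT_FREEBSD4 or COMPAT_43 variant when the signal
 * was registered through one of those interfaces.  Otherwise the frame
 * carries a full ucontext including the legacy FPU state; when the CPU
 * has extended (XSAVE) state beyond the legacy area it is copied out
 * separately, just above the frame, at a 64-byte aligned address, and
 * referenced through mc_xfpustate/_MC_IA32_HASFPXSTATE.  Without such
 * state mc_xfpustate stays 0 and the flag is not set, which is the path
 * freebsd32_sigreturn() takes when no extended state is present.  The
 * frame itself is 16-byte aligned.  After the frame is out, the thread's
 * FPU state is dropped so the handler starts from a clean FPU; the saved
 * state is reinstalled by sigreturn.
 */
void
ia32_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask)
{
	struct ia32_sigframe sf, *sfp;
	struct siginfo32 siginfo;
	struct proc *p;
	struct thread *td;
	struct sigacts *psp;
	char *sp;
	struct trapframe *regs;
	char *xfpusave;
	size_t xfpusave_len;
	int oonstack;
	int sig;

	siginfo_to_siginfo32(&ksi->ksi_info, &siginfo);
	td = curthread;
	p = td->td_proc;
	PROC_LOCK_ASSERT(p, MA_OWNED);
	sig = siginfo.si_signo;
	psp = p->p_sigacts;
#ifdef COMPAT_FREEBSD4
	if (SIGISMEMBER(psp->ps_freebsd4, sig)) {
		freebsd4_ia32_sendsig(catcher, ksi, mask);
		return;
	}
#endif
#ifdef COMPAT_43
	if (SIGISMEMBER(psp->ps_osigset, sig)) {
		ia32_osendsig(catcher, ksi, mask);
		return;
	}
#endif
	mtx_assert(&psp->ps_mtx, MA_OWNED);
	regs = td->td_frame;
	oonstack = sigonstack(regs->tf_rsp);

	/* Save user context. */
	bzero(&sf, sizeof(sf));
	sf.sf_uc.uc_sigmask = *mask;
	sf.sf_uc.uc_stack.ss_sp = (uintptr_t)td->td_sigstk.ss_sp;
	sf.sf_uc.uc_stack.ss_size = td->td_sigstk.ss_size;
	sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK)
	    ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE;
	sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0;
	sf.sf_uc.uc_mcontext.mc_edi = regs->tf_rdi;
	sf.sf_uc.uc_mcontext.mc_esi = regs->tf_rsi;
	sf.sf_uc.uc_mcontext.mc_ebp = regs->tf_rbp;
	sf.sf_uc.uc_mcontext.mc_isp = regs->tf_rsp; /* XXX */
	sf.sf_uc.uc_mcontext.mc_ebx = regs->tf_rbx;
	sf.sf_uc.uc_mcontext.mc_edx = regs->tf_rdx;
	sf.sf_uc.uc_mcontext.mc_ecx = regs->tf_rcx;
	sf.sf_uc.uc_mcontext.mc_eax = regs->tf_rax;
	sf.sf_uc.uc_mcontext.mc_trapno = regs->tf_trapno;
	sf.sf_uc.uc_mcontext.mc_err = regs->tf_err;
	sf.sf_uc.uc_mcontext.mc_eip = regs->tf_rip;
	sf.sf_uc.uc_mcontext.mc_cs = regs->tf_cs;
	sf.sf_uc.uc_mcontext.mc_eflags = regs->tf_rflags;
	sf.sf_uc.uc_mcontext.mc_esp = regs->tf_rsp;
	sf.sf_uc.uc_mcontext.mc_ss = regs->tf_ss;
	sf.sf_uc.uc_mcontext.mc_ds = regs->tf_ds;
	sf.sf_uc.uc_mcontext.mc_es = regs->tf_es;
	sf.sf_uc.uc_mcontext.mc_fs = regs->tf_fs;
	sf.sf_uc.uc_mcontext.mc_gs = regs->tf_gs;
	sf.sf_uc.uc_mcontext.mc_len = sizeof(sf.sf_uc.uc_mcontext); /* magic */
	ia32_get_fpcontext(td, &sf.sf_uc.uc_mcontext, &xfpusave, &xfpusave_len);
	sf.sf_uc.uc_mcontext.mc_fsbase = td->td_pcb->pcb_fsbase;
	sf.sf_uc.uc_mcontext.mc_gsbase = td->td_pcb->pcb_gsbase;

	/* Allocate space for the signal handler context. */
	if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack &&
	    SIGISMEMBER(psp->ps_sigonstack, sig))
		sp = (char *)td->td_sigstk.ss_sp + td->td_sigstk.ss_size;
	else
		sp = (char *)regs->tf_rsp;
	if (xfpusave != NULL) {
		/*
		 * Extended state goes above the frame, 64-byte aligned
		 * (presumably the XSAVE area alignment requirement).
		 */
		sp -= xfpusave_len;
		sp = (char *)((unsigned long)sp & ~0x3Ful);
		sf.sf_uc.uc_mcontext.mc_xfpustate = (register_t)sp;
	}
	sp -= sizeof(sf);
	/* Align to 16 bytes. */
	sfp = (struct ia32_sigframe *)((uintptr_t)sp & ~0xF);
	PROC_UNLOCK(p);

	/* Build the argument list for the signal handler. */
	sf.sf_signum = sig;
	sf.sf_ucontext = (register_t)&sfp->sf_uc;
	bzero(&sf.sf_si, sizeof(sf.sf_si));
	if (SIGISMEMBER(psp->ps_siginfo, sig)) {
		/* Signal handler installed with SA_SIGINFO. */
		sf.sf_siginfo = (u_int32_t)(uintptr_t)&sfp->sf_si;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;

		/* Fill in POSIX parts */
		sf.sf_si = siginfo;
		sf.sf_si.si_signo = sig;
	} else {
		/* Old FreeBSD-style arguments. */
		sf.sf_siginfo = siginfo.si_code;
		sf.sf_addr = (u_int32_t)siginfo.si_addr;
		sf.sf_ah = (u_int32_t)(uintptr_t)catcher;
	}
	mtx_unlock(&psp->ps_mtx);

	/*
	 * Copy the sigframe out to the user's stack.  A failure of either
	 * copy (frame or extended FPU state) is fatal for the process.
	 */
	if (copyout(&sf, sfp, sizeof(*sfp)) != 0 ||
	    (xfpusave != NULL && copyout(xfpusave,
	    PTRIN(sf.sf_uc.uc_mcontext.mc_xfpustate), xfpusave_len)
	    != 0)) {
#ifdef DEBUG
		printf("process %ld has trashed its stack\n", (long)p->p_pid);
#endif
		PROC_LOCK(p);
		sigexit(td, SIGILL);
	}

	fpstate_drop(td);
	regs->tf_rsp = (uintptr_t)sfp;
	regs->tf_rip = p->p_sysent->sv_sigcode_base;
	regs->tf_rflags &= ~(PSL_T | PSL_D);
	regs->tf_cs = _ucode32sel;
	regs->tf_ss = _udatasel;
	regs->tf_ds = _udatasel;
	regs->tf_es = _udatasel;
	set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
	/* XXXKIB leave user %fs and %gs untouched */
	PROC_LOCK(p);
	mtx_lock(&psp->ps_mtx);
}

/*
 * System call to cleanup state after a signal
 * has been taken.  Reset signal mask and
 * stack state from context left by sendsig (above).
 * Return to previous pc and psl as specified by
 * context left by sendsig. Check carefully to
 * make sure that the user has not modified the
 * state to gain improper privileges.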
*/

#ifdef COMPAT_43
/*
 * COMPAT_43 sigreturn for the frame built by ia32_osendsig().
 *
 * The sigcontext is copied in from user memory and is untrusted.  Two
 * checks guard the trap frame: EFL_SECURE() rejects any change to the
 * flags outside the user-modifiable set, and CS_SECURE() rejects a
 * privileged code selector (answered with a SIGBUS/T_PROTFLT in
 * addition to EINVAL).  All other selectors, %eip and %esp are loaded
 * unchecked and are left to the hardware to validate on the full iret
 * requested through PCB_FULL_IRET.  SS_ONSTACK in td_sigstk is restored
 * from sc_onstack, undoing what ia32_osendsig() set.
 *
 * Returns EJUSTRETURN so the syscall return path does not clobber the
 * registers just restored, or an error.
 */
int
ofreebsd32_sigreturn(struct thread *td, struct ofreebsd32_sigreturn_args *uap)
{
	struct ia32_sigcontext3 sc, *scp;
	struct trapframe *regs;
	int eflags, error;
	ksiginfo_t ksi;

	regs = td->td_frame;
	error = copyin(uap->sigcntxp, &sc, sizeof(sc));
	if (error != 0)
		return (error);
	scp = &sc;
	eflags = scp->sc_eflags;
	if (!EFL_SECURE(eflags, regs->tf_rflags)) {
		return (EINVAL);
	}
	if (!CS_SECURE(scp->sc_cs)) {
		ksiginfo_init_trap(&ksi);
		ksi.ksi_signo = SIGBUS;
		ksi.ksi_code = BUS_OBJERR;
		ksi.ksi_trapno = T_PROTFLT;
		ksi.ksi_addr = (void *)regs->tf_rip;
		trapsignal(td, &ksi);
		return (EINVAL);
	}
	regs->tf_ds = scp->sc_ds;
	regs->tf_es = scp->sc_es;
	regs->tf_fs = scp->sc_fs;
	regs->tf_gs = scp->sc_gs;

	regs->tf_rax = scp->sc_eax;
	regs->tf_rbx = scp->sc_ebx;
	regs->tf_rcx = scp->sc_ecx;
	regs->tf_rdx = scp->sc_edx;
	regs->tf_rsi = scp->sc_esi;
	regs->tf_rdi = scp->sc_edi;
	regs->tf_cs = scp->sc_cs;
	regs->tf_ss = scp->sc_ss;
	regs->tf_rbp = scp->sc_ebp;
	regs->tf_rsp = scp->sc_esp;
	regs->tf_rip = scp->sc_eip;
	regs->tf_rflags = eflags;

	if (scp->sc_onstack & 1)
		td->td_sigstk.ss_flags |= SS_ONSTACK;
	else
		td->td_sigstk.ss_flags &= ~SS_ONSTACK;

	/*
	 * sc_mask is the old-style mask (SIG2OSIG in ia32_osendsig());
	 * SIGPROCMASK_OLD presumably tells kern_sigprocmask() to read it
	 * as such -- verify against kern_sig.c.
	 */
	kern_sigprocmask(td, SIG_SETMASK, (sigset_t *)&scp->sc_mask, NULL,
	    SIGPROCMASK_OLD);
	set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
	return (EJUSTRETURN);
}
#endif

#ifdef COMPAT_FREEBSD4
/*
 * MPSAFE
 *
 * COMPAT_FREEBSD4 sigreturn for the frame built by freebsd4_ia32_sendsig().
 *
 * Same trust model as freebsd32_sigreturn(): the ucontext is user-supplied;
 * %eflags changes are limited by EFL_SECURE(), a privileged %cs is
 * rejected by CS_SECURE() with a SIGBUS, everything else is loaded into
 * the trap frame as is and validated by the hardware on the full iret.
 * mc_trapno/mc_err are user-controlled and are stored back into the trap
 * frame; presumably informational only.  No FPU state is carried by this
 * frame layout.  Returns EJUSTRETURN or an error.
 */
int
freebsd4_freebsd32_sigreturn(td, uap)
	struct thread *td;
	struct freebsd4_freebsd32_sigreturn_args /* {
		const struct freebsd4_freebsd32_ucontext *sigcntxp;
	} */ *uap;
{
	struct ia32_ucontext4 uc;
	struct trapframe *regs;
	struct ia32_ucontext4 *ucp;
	int cs, eflags, error;
	ksiginfo_t ksi;

	error = copyin(uap->sigcntxp, &uc, sizeof(uc));
	if (error != 0)
		return (error);
	ucp = &uc;
	regs = td->td_frame;
	eflags = ucp->uc_mcontext.mc_eflags;
	/*
	 * Don't allow users to change privileged or reserved flags.
	 */
	if (!EFL_SECURE(eflags, regs->tf_rflags)) {
		uprintf("pid %d (%s): freebsd4_freebsd32_sigreturn eflags = 0x%x\n",
		    td->td_proc->p_pid, td->td_name, eflags);
		return (EINVAL);
	}

	/*
	 * Don't allow users to load a valid privileged %cs.  Let the
	 * hardware check for invalid selectors, excess privilege in
	 * other selectors, invalid %eip's and invalid %esp's.
	 */
	cs = ucp->uc_mcontext.mc_cs;
	if (!CS_SECURE(cs)) {
		uprintf("pid %d (%s): freebsd4_sigreturn cs = 0x%x\n",
		    td->td_proc->p_pid, td->td_name, cs);
		ksiginfo_init_trap(&ksi);
		ksi.ksi_signo = SIGBUS;
		ksi.ksi_code = BUS_OBJERR;
		ksi.ksi_trapno = T_PROTFLT;
		ksi.ksi_addr = (void *)regs->tf_rip;
		trapsignal(td, &ksi);
		return (EINVAL);
	}

	regs->tf_rdi = ucp->uc_mcontext.mc_edi;
	regs->tf_rsi = ucp->uc_mcontext.mc_esi;
	regs->tf_rbp = ucp->uc_mcontext.mc_ebp;
	regs->tf_rbx = ucp->uc_mcontext.mc_ebx;
	regs->tf_rdx = ucp->uc_mcontext.mc_edx;
	regs->tf_rcx = ucp->uc_mcontext.mc_ecx;
	regs->tf_rax = ucp->uc_mcontext.mc_eax;
	regs->tf_trapno = ucp->uc_mcontext.mc_trapno;
	regs->tf_err = ucp->uc_mcontext.mc_err;
	regs->tf_rip = ucp->uc_mcontext.mc_eip;
	regs->tf_cs = cs;
	regs->tf_rflags = ucp->uc_mcontext.mc_eflags;
	regs->tf_rsp = ucp->uc_mcontext.mc_esp;
	regs->tf_ss = ucp->uc_mcontext.mc_ss;
	regs->tf_ds = ucp->uc_mcontext.mc_ds;
	regs->tf_es = ucp->uc_mcontext.mc_es;
	regs->tf_fs = ucp->uc_mcontext.mc_fs;
	regs->tf_gs = ucp->uc_mcontext.mc_gs;

	kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0);
	set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
	return (EJUSTRETURN);
}
#endif /* COMPAT_FREEBSD4 */

/*
 * MPSAFE
 *
 * sigreturn for the current frame layout built by ia32_sendsig().
 *
 * The ucontext is copied in from user memory and is untrusted.  In
 * order: %eflags changes are limited to the user-modifiable bits by
 * EFL_SECURE(); a privileged %cs is rejected by CS_SECURE() and answered
 * with a SIGBUS; if the context claims extended FPU state, its length is
 * bounded by cpu_max_ext_state_size before a kernel buffer is allocated
 * and the state copied in; then ia32_set_fpcontext() validates the FPU
 * format/owner fields.  Only after all of that is the trap frame
 * rewritten, so a rejected context leaves the thread's registers
 * untouched.  The remaining selectors, %eip and %esp are loaded as is
 * and validated by the hardware on the full iret (PCB_FULL_IRET).
 *
 * Returns EJUSTRETURN on success or an error; every rejection is logged
 * with uprintf() to the process's controlling terminal.
 */
int
freebsd32_sigreturn(td, uap)
	struct thread *td;
	struct freebsd32_sigreturn_args /* {
		const struct freebsd32_ucontext *sigcntxp;
	} */ *uap;
{
	struct ia32_ucontext uc;
	struct trapframe *regs;
	struct ia32_ucontext *ucp;
	char *xfpustate;
	size_t xfpustate_len;
	int cs, eflags, error, ret;
	ksiginfo_t ksi;

	error = copyin(uap->sigcntxp, &uc, sizeof(uc));
	if (error != 0)
		return (error);
	ucp = &uc;
	regs = td->td_frame;
	eflags = ucp->uc_mcontext.mc_eflags;
	/*
	 * Don't allow users to change privileged or reserved flags.
	 */
	if (!EFL_SECURE(eflags, regs->tf_rflags)) {
		uprintf("pid %d (%s): freebsd32_sigreturn eflags = 0x%x\n",
		    td->td_proc->p_pid, td->td_name, eflags);
		return (EINVAL);
	}

	/*
	 * Don't allow users to load a valid privileged %cs.  Let the
	 * hardware check for invalid selectors, excess privilege in
	 * other selectors, invalid %eip's and invalid %esp's.
	 */
	cs = ucp->uc_mcontext.mc_cs;
	if (!CS_SECURE(cs)) {
		uprintf("pid %d (%s): sigreturn cs = 0x%x\n",
		    td->td_proc->p_pid, td->td_name, cs);
		ksiginfo_init_trap(&ksi);
		ksi.ksi_signo = SIGBUS;
		ksi.ksi_code = BUS_OBJERR;
		ksi.ksi_trapno = T_PROTFLT;
		ksi.ksi_addr = (void *)regs->tf_rip;
		trapsignal(td, &ksi);
		return (EINVAL);
	}

	/*
	 * NOTE(review): ia32_get_fpcontext() and ia32_set_mcontext() use
	 * _MC_IA32_HASFPXSTATE for this bit; this test uses
	 * _MC_HASFPXSTATE.  They are expected to be the same value --
	 * verify in the headers.
	 */
	if ((ucp->uc_mcontext.mc_flags & _MC_HASFPXSTATE) != 0) {
		xfpustate_len = uc.uc_mcontext.mc_xfpustate_len;
		/* Bound the user-supplied length before allocating. */
		if (xfpustate_len > cpu_max_ext_state_size -
		    sizeof(struct savefpu)) {
			uprintf("pid %d (%s): sigreturn xfpusave_len = 0x%zx\n",
			    td->td_proc->p_pid, td->td_name, xfpustate_len);
			return (EINVAL);
		}
		xfpustate = (char *)fpu_save_area_alloc();
		error = copyin(PTRIN(ucp->uc_mcontext.mc_xfpustate),
		    xfpustate, xfpustate_len);
		if (error != 0) {
			fpu_save_area_free((struct savefpu *)xfpustate);
			uprintf(
	"pid %d (%s): sigreturn copying xfpustate failed\n",
			    td->td_proc->p_pid, td->td_name);
			return (error);
		}
	} else {
		xfpustate = NULL;
		xfpustate_len = 0;
	}
	ret = ia32_set_fpcontext(td, &ucp->uc_mcontext, xfpustate,
	    xfpustate_len);
	/* xfpustate may be NULL here; fpu_save_area_free() must accept it. */
	fpu_save_area_free((struct savefpu *)xfpustate);
	if (ret != 0) {
		uprintf("pid %d (%s): sigreturn set_fpcontext err %d\n",
		    td->td_proc->p_pid, td->td_name, ret);
		return (ret);
	}

	regs->tf_rdi = ucp->uc_mcontext.mc_edi;
	regs->tf_rsi = ucp->uc_mcontext.mc_esi;
	regs->tf_rbp = ucp->uc_mcontext.mc_ebp;
	regs->tf_rbx = ucp->uc_mcontext.mc_ebx;
	regs->tf_rdx = ucp->uc_mcontext.mc_edx;
	regs->tf_rcx = ucp->uc_mcontext.mc_ecx;
	regs->tf_rax = ucp->uc_mcontext.mc_eax;
	regs->tf_trapno = ucp->uc_mcontext.mc_trapno;
	regs->tf_err = ucp->uc_mcontext.mc_err;
	regs->tf_rip = ucp->uc_mcontext.mc_eip;
	regs->tf_cs = cs;
	regs->tf_rflags = ucp->uc_mcontext.mc_eflags;
	regs->tf_rsp = ucp->uc_mcontext.mc_esp;
	regs->tf_ss = ucp->uc_mcontext.mc_ss;
	regs->tf_ds = ucp->uc_mcontext.mc_ds;
	regs->tf_es = ucp->uc_mcontext.mc_es;
	regs->tf_fs = ucp->uc_mcontext.mc_fs;
	regs->tf_gs = ucp->uc_mcontext.mc_gs;
	regs->tf_flags = TF_HASSEGS;

	kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0);
	set_pcb_flags(td->td_pcb, PCB_FULL_IRET);
	return (EJUSTRETURN);
}

/*
 * Clear registers on exec
 *
 * Reset the thread's machine state for a freshly exec'd 32-bit image:
 * any per-process LDT is freed, the %fs/%gs bases and the initial FPU
 * control word are reset, the trap frame is zeroed and rebuilt with the
 * image entry point, the new stack pointer, the 32-bit code selector and
 * flat data selectors (ps_strings is passed in %ebx), the debug registers
 * are cleared and the FPU state dropped.  Nothing from the previous image
 * survives except the single-step flag (PSL_T), which is preserved so a
 * tracer following the exec keeps control.  Discarding LDT, debug
 * registers and FPU state here matters when the new image runs with
 * different credentials than the old one.
 */
void
ia32_setregs(struct thread *td, struct image_params *imgp, uintptr_t stack)
{
	struct trapframe *regs;
	struct pcb *pcb;
	register_t saved_rflags;

	regs = td->td_frame;
	pcb = td->td_pcb;

	if (td->td_proc->p_md.md_ldt != NULL)
		user_ldt_free(td);
#ifdef COMPAT_43
	setup_lcall_gate();
#endif

	pcb->pcb_fsbase = 0;
	pcb->pcb_gsbase = 0;
	pcb->pcb_initial_fpucw = __INITIAL_FPUCW_I386__;

	/* Keep only the trace flag across the exec. */
	saved_rflags = regs->tf_rflags & PSL_T;
	bzero((char *)regs, sizeof(struct trapframe));
	regs->tf_rip = imgp->entry_addr;
	regs->tf_rsp = stack;
	regs->tf_rflags = PSL_USER | saved_rflags;
	regs->tf_ss = _udatasel;
	regs->tf_cs = _ucode32sel;
	regs->tf_rbx = (register_t)imgp->ps_strings;
	regs->tf_ds = _udatasel;
	regs->tf_es = _udatasel;
	regs->tf_fs = _ufssel;
	regs->tf_gs = _ugssel;
	regs->tf_flags = TF_HASSEGS;

	x86_clear_dbregs(pcb);

	fpstate_drop(td);

	/* Return via doreti so that we can change to a different %cs */
	set_pcb_flags(pcb, PCB_32BIT | PCB_FULL_IRET);
}