1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2003 Peter Wemm 5 * Copyright (c) 1982, 1987, 1990 The Regents of the University of California. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to Berkeley by 9 * William Jolitz. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 __FBSDID("$FreeBSD$"); 38 39 #include "opt_compat.h" 40 41 #include <sys/param.h> 42 #include <sys/exec.h> 43 #include <sys/fcntl.h> 44 #include <sys/imgact.h> 45 #include <sys/kernel.h> 46 #include <sys/lock.h> 47 #include <sys/malloc.h> 48 #include <sys/mutex.h> 49 #include <sys/mman.h> 50 #include <sys/namei.h> 51 #include <sys/pioctl.h> 52 #include <sys/proc.h> 53 #include <sys/procfs.h> 54 #include <sys/resourcevar.h> 55 #include <sys/systm.h> 56 #include <sys/signalvar.h> 57 #include <sys/stat.h> 58 #include <sys/sx.h> 59 #include <sys/syscall.h> 60 #include <sys/syscallsubr.h> 61 #include <sys/sysctl.h> 62 #include <sys/sysent.h> 63 #include <sys/vnode.h> 64 65 #include <vm/vm.h> 66 #include <vm/vm_kern.h> 67 #include <vm/vm_param.h> 68 #include <vm/pmap.h> 69 #include <vm/vm_map.h> 70 #include <vm/vm_object.h> 71 #include <vm/vm_extern.h> 72 73 #include <compat/freebsd32/freebsd32_signal.h> 74 #include <compat/freebsd32/freebsd32_util.h> 75 #include <compat/freebsd32/freebsd32_proto.h> 76 #include <compat/freebsd32/freebsd32.h> 77 #include <compat/ia32/ia32_signal.h> 78 #include <machine/psl.h> 79 #include <machine/segments.h> 80 #include <machine/specialreg.h> 81 #include <machine/frame.h> 82 #include <machine/md_var.h> 83 #include <machine/pcb.h> 84 #include <machine/cpufunc.h> 85 86 #ifdef COMPAT_FREEBSD4 87 static void freebsd4_ia32_sendsig(sig_t, ksiginfo_t *, sigset_t *); 88 #endif 89 90 #define CS_SECURE(cs) (ISPL(cs) == SEL_UPL) 91 #define EFL_SECURE(ef, oef) ((((ef) ^ (oef)) & ~PSL_USERCHANGE) == 0) 92 93 static void 94 ia32_get_fpcontext(struct thread *td, struct ia32_mcontext *mcp, 95 char *xfpusave, size_t xfpusave_len) 96 { 97 size_t max_len, len; 98 99 /* 100 * XXX Format of 64bit and 32bit FXSAVE areas differs. FXSAVE 101 * in 32bit mode saves %cs and %ds, while on 64bit it saves 102 * 64bit instruction and data pointers. Ignore the difference 103 * for now, it should be irrelevant for most applications. 104 */ 105 mcp->mc_ownedfp = fpugetregs(td); 106 bcopy(get_pcb_user_save_td(td), &mcp->mc_fpstate[0], 107 sizeof(mcp->mc_fpstate)); 108 mcp->mc_fpformat = fpuformat(); 109 if (!use_xsave || xfpusave_len == 0) 110 return; 111 max_len = cpu_max_ext_state_size - sizeof(struct savefpu); 112 len = xfpusave_len; 113 if (len > max_len) { 114 len = max_len; 115 bzero(xfpusave + max_len, len - max_len); 116 } 117 mcp->mc_flags |= _MC_IA32_HASFPXSTATE; 118 mcp->mc_xfpustate_len = len; 119 bcopy(get_pcb_user_save_td(td) + 1, xfpusave, len); 120 } 121 122 static int 123 ia32_set_fpcontext(struct thread *td, struct ia32_mcontext *mcp, 124 char *xfpustate, size_t xfpustate_len) 125 { 126 int error; 127 128 if (mcp->mc_fpformat == _MC_FPFMT_NODEV) 129 return (0); 130 else if (mcp->mc_fpformat != _MC_FPFMT_XMM) 131 return (EINVAL); 132 else if (mcp->mc_ownedfp == _MC_FPOWNED_NONE) { 133 /* We don't care what state is left in the FPU or PCB. */ 134 fpstate_drop(td); 135 error = 0; 136 } else if (mcp->mc_ownedfp == _MC_FPOWNED_FPU || 137 mcp->mc_ownedfp == _MC_FPOWNED_PCB) { 138 error = fpusetregs(td, (struct savefpu *)&mcp->mc_fpstate, 139 xfpustate, xfpustate_len); 140 } else 141 return (EINVAL); 142 return (error); 143 } 144 145 /* 146 * Get machine context. 147 */ 148 static int 149 ia32_get_mcontext(struct thread *td, struct ia32_mcontext *mcp, int flags) 150 { 151 struct pcb *pcb; 152 struct trapframe *tp; 153 154 pcb = td->td_pcb; 155 tp = td->td_frame; 156 157 PROC_LOCK(curthread->td_proc); 158 mcp->mc_onstack = sigonstack(tp->tf_rsp); 159 PROC_UNLOCK(curthread->td_proc); 160 /* Entry into kernel always sets TF_HASSEGS */ 161 mcp->mc_gs = tp->tf_gs; 162 mcp->mc_fs = tp->tf_fs; 163 mcp->mc_es = tp->tf_es; 164 mcp->mc_ds = tp->tf_ds; 165 mcp->mc_edi = tp->tf_rdi; 166 mcp->mc_esi = tp->tf_rsi; 167 mcp->mc_ebp = tp->tf_rbp; 168 mcp->mc_isp = tp->tf_rsp; 169 mcp->mc_eflags = tp->tf_rflags; 170 if (flags & GET_MC_CLEAR_RET) { 171 mcp->mc_eax = 0; 172 mcp->mc_edx = 0; 173 mcp->mc_eflags &= ~PSL_C; 174 } else { 175 mcp->mc_eax = tp->tf_rax; 176 mcp->mc_edx = tp->tf_rdx; 177 } 178 mcp->mc_ebx = tp->tf_rbx; 179 mcp->mc_ecx = tp->tf_rcx; 180 mcp->mc_eip = tp->tf_rip; 181 mcp->mc_cs = tp->tf_cs; 182 mcp->mc_esp = tp->tf_rsp; 183 mcp->mc_ss = tp->tf_ss; 184 mcp->mc_len = sizeof(*mcp); 185 mcp->mc_flags = tp->tf_flags; 186 ia32_get_fpcontext(td, mcp, NULL, 0); 187 mcp->mc_fsbase = pcb->pcb_fsbase; 188 mcp->mc_gsbase = pcb->pcb_gsbase; 189 mcp->mc_xfpustate = 0; 190 mcp->mc_xfpustate_len = 0; 191 bzero(mcp->mc_spare2, sizeof(mcp->mc_spare2)); 192 return (0); 193 } 194 195 /* 196 * Set machine context. 197 * 198 * However, we don't set any but the user modifiable flags, and we won't 199 * touch the cs selector. 200 */ 201 static int 202 ia32_set_mcontext(struct thread *td, struct ia32_mcontext *mcp) 203 { 204 struct trapframe *tp; 205 char *xfpustate; 206 long rflags; 207 int ret; 208 209 tp = td->td_frame; 210 if (mcp->mc_len != sizeof(*mcp)) 211 return (EINVAL); 212 rflags = (mcp->mc_eflags & PSL_USERCHANGE) | 213 (tp->tf_rflags & ~PSL_USERCHANGE); 214 if (mcp->mc_flags & _MC_IA32_HASFPXSTATE) { 215 if (mcp->mc_xfpustate_len > cpu_max_ext_state_size - 216 sizeof(struct savefpu)) 217 return (EINVAL); 218 xfpustate = __builtin_alloca(mcp->mc_xfpustate_len); 219 ret = copyin(PTRIN(mcp->mc_xfpustate), xfpustate, 220 mcp->mc_xfpustate_len); 221 if (ret != 0) 222 return (ret); 223 } else 224 xfpustate = NULL; 225 ret = ia32_set_fpcontext(td, mcp, xfpustate, mcp->mc_xfpustate_len); 226 if (ret != 0) 227 return (ret); 228 tp->tf_gs = mcp->mc_gs; 229 tp->tf_fs = mcp->mc_fs; 230 tp->tf_es = mcp->mc_es; 231 tp->tf_ds = mcp->mc_ds; 232 tp->tf_flags = TF_HASSEGS; 233 tp->tf_rdi = mcp->mc_edi; 234 tp->tf_rsi = mcp->mc_esi; 235 tp->tf_rbp = mcp->mc_ebp; 236 tp->tf_rbx = mcp->mc_ebx; 237 tp->tf_rdx = mcp->mc_edx; 238 tp->tf_rcx = mcp->mc_ecx; 239 tp->tf_rax = mcp->mc_eax; 240 /* trapno, err */ 241 tp->tf_rip = mcp->mc_eip; 242 tp->tf_rflags = rflags; 243 tp->tf_rsp = mcp->mc_esp; 244 tp->tf_ss = mcp->mc_ss; 245 set_pcb_flags(td->td_pcb, PCB_FULL_IRET); 246 return (0); 247 } 248 249 /* 250 * The first two fields of a ucontext_t are the signal mask and 251 * the machine context. The next field is uc_link; we want to 252 * avoid destroying the link when copying out contexts. 253 */ 254 #define UC_COPY_SIZE offsetof(struct ia32_ucontext, uc_link) 255 256 int 257 freebsd32_getcontext(struct thread *td, struct freebsd32_getcontext_args *uap) 258 { 259 struct ia32_ucontext uc; 260 int ret; 261 262 if (uap->ucp == NULL) 263 ret = EINVAL; 264 else { 265 ia32_get_mcontext(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); 266 PROC_LOCK(td->td_proc); 267 uc.uc_sigmask = td->td_sigmask; 268 PROC_UNLOCK(td->td_proc); 269 bzero(&uc.__spare__, sizeof(uc.__spare__)); 270 ret = copyout(&uc, uap->ucp, UC_COPY_SIZE); 271 } 272 return (ret); 273 } 274 275 int 276 freebsd32_setcontext(struct thread *td, struct freebsd32_setcontext_args *uap) 277 { 278 struct ia32_ucontext uc; 279 int ret; 280 281 if (uap->ucp == NULL) 282 ret = EINVAL; 283 else { 284 ret = copyin(uap->ucp, &uc, UC_COPY_SIZE); 285 if (ret == 0) { 286 ret = ia32_set_mcontext(td, &uc.uc_mcontext); 287 if (ret == 0) { 288 kern_sigprocmask(td, SIG_SETMASK, 289 &uc.uc_sigmask, NULL, 0); 290 } 291 } 292 } 293 return (ret == 0 ? EJUSTRETURN : ret); 294 } 295 296 int 297 freebsd32_swapcontext(struct thread *td, struct freebsd32_swapcontext_args *uap) 298 { 299 struct ia32_ucontext uc; 300 int ret; 301 302 if (uap->oucp == NULL || uap->ucp == NULL) 303 ret = EINVAL; 304 else { 305 ia32_get_mcontext(td, &uc.uc_mcontext, GET_MC_CLEAR_RET); 306 PROC_LOCK(td->td_proc); 307 uc.uc_sigmask = td->td_sigmask; 308 PROC_UNLOCK(td->td_proc); 309 ret = copyout(&uc, uap->oucp, UC_COPY_SIZE); 310 if (ret == 0) { 311 ret = copyin(uap->ucp, &uc, UC_COPY_SIZE); 312 if (ret == 0) { 313 ret = ia32_set_mcontext(td, &uc.uc_mcontext); 314 if (ret == 0) { 315 kern_sigprocmask(td, SIG_SETMASK, 316 &uc.uc_sigmask, NULL, 0); 317 } 318 } 319 } 320 } 321 return (ret == 0 ? EJUSTRETURN : ret); 322 } 323 324 /* 325 * Send an interrupt to process. 326 * 327 * Stack is set up to allow sigcode stored 328 * at top to call routine, followed by kcall 329 * to sigreturn routine below. After sigreturn 330 * resets the signal mask, the stack, and the 331 * frame pointer, it returns to the user 332 * specified pc, psl. 333 */ 334 335 #ifdef COMPAT_43 336 static void 337 ia32_osendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 338 { 339 struct ia32_sigframe3 sf, *fp; 340 struct proc *p; 341 struct thread *td; 342 struct sigacts *psp; 343 struct trapframe *regs; 344 int sig; 345 int oonstack; 346 347 td = curthread; 348 p = td->td_proc; 349 PROC_LOCK_ASSERT(p, MA_OWNED); 350 sig = ksi->ksi_signo; 351 psp = p->p_sigacts; 352 mtx_assert(&psp->ps_mtx, MA_OWNED); 353 regs = td->td_frame; 354 oonstack = sigonstack(regs->tf_rsp); 355 356 /* Allocate space for the signal handler context. */ 357 if ((td->td_pflags & TDP_ALTSTACK) && !oonstack && 358 SIGISMEMBER(psp->ps_sigonstack, sig)) { 359 fp = (struct ia32_sigframe3 *)((uintptr_t)td->td_sigstk.ss_sp + 360 td->td_sigstk.ss_size - sizeof(sf)); 361 td->td_sigstk.ss_flags |= SS_ONSTACK; 362 } else 363 fp = (struct ia32_sigframe3 *)regs->tf_rsp - 1; 364 365 /* Build the argument list for the signal handler. */ 366 sf.sf_signum = sig; 367 sf.sf_scp = (register_t)&fp->sf_siginfo.si_sc; 368 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 369 /* Signal handler installed with SA_SIGINFO. */ 370 sf.sf_arg2 = (register_t)&fp->sf_siginfo; 371 sf.sf_siginfo.si_signo = sig; 372 sf.sf_siginfo.si_code = ksi->ksi_code; 373 sf.sf_ah = (uintptr_t)catcher; 374 } else { 375 /* Old FreeBSD-style arguments. */ 376 sf.sf_arg2 = ksi->ksi_code; 377 sf.sf_addr = (register_t)ksi->ksi_addr; 378 sf.sf_ah = (uintptr_t)catcher; 379 } 380 mtx_unlock(&psp->ps_mtx); 381 PROC_UNLOCK(p); 382 383 /* Save most if not all of trap frame. */ 384 sf.sf_siginfo.si_sc.sc_eax = regs->tf_rax; 385 sf.sf_siginfo.si_sc.sc_ebx = regs->tf_rbx; 386 sf.sf_siginfo.si_sc.sc_ecx = regs->tf_rcx; 387 sf.sf_siginfo.si_sc.sc_edx = regs->tf_rdx; 388 sf.sf_siginfo.si_sc.sc_esi = regs->tf_rsi; 389 sf.sf_siginfo.si_sc.sc_edi = regs->tf_rdi; 390 sf.sf_siginfo.si_sc.sc_cs = regs->tf_cs; 391 sf.sf_siginfo.si_sc.sc_ds = regs->tf_ds; 392 sf.sf_siginfo.si_sc.sc_ss = regs->tf_ss; 393 sf.sf_siginfo.si_sc.sc_es = regs->tf_es; 394 sf.sf_siginfo.si_sc.sc_fs = regs->tf_fs; 395 sf.sf_siginfo.si_sc.sc_gs = regs->tf_gs; 396 sf.sf_siginfo.si_sc.sc_isp = regs->tf_rsp; 397 398 /* Build the signal context to be used by osigreturn(). */ 399 sf.sf_siginfo.si_sc.sc_onstack = (oonstack) ? 1 : 0; 400 SIG2OSIG(*mask, sf.sf_siginfo.si_sc.sc_mask); 401 sf.sf_siginfo.si_sc.sc_esp = regs->tf_rsp; 402 sf.sf_siginfo.si_sc.sc_ebp = regs->tf_rbp; 403 sf.sf_siginfo.si_sc.sc_eip = regs->tf_rip; 404 sf.sf_siginfo.si_sc.sc_eflags = regs->tf_rflags; 405 sf.sf_siginfo.si_sc.sc_trapno = regs->tf_trapno; 406 sf.sf_siginfo.si_sc.sc_err = regs->tf_err; 407 408 /* 409 * Copy the sigframe out to the user's stack. 410 */ 411 if (copyout(&sf, fp, sizeof(*fp)) != 0) { 412 #ifdef DEBUG 413 printf("process %ld has trashed its stack\n", (long)p->p_pid); 414 #endif 415 PROC_LOCK(p); 416 sigexit(td, SIGILL); 417 } 418 419 regs->tf_rsp = (uintptr_t)fp; 420 regs->tf_rip = p->p_sysent->sv_psstrings - sz_ia32_osigcode; 421 regs->tf_rflags &= ~(PSL_T | PSL_D); 422 regs->tf_cs = _ucode32sel; 423 regs->tf_ds = _udatasel; 424 regs->tf_es = _udatasel; 425 regs->tf_fs = _udatasel; 426 regs->tf_ss = _udatasel; 427 set_pcb_flags(td->td_pcb, PCB_FULL_IRET); 428 PROC_LOCK(p); 429 mtx_lock(&psp->ps_mtx); 430 } 431 #endif 432 433 #ifdef COMPAT_FREEBSD4 434 static void 435 freebsd4_ia32_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 436 { 437 struct ia32_sigframe4 sf, *sfp; 438 struct siginfo32 siginfo; 439 struct proc *p; 440 struct thread *td; 441 struct sigacts *psp; 442 struct trapframe *regs; 443 int oonstack; 444 int sig; 445 446 td = curthread; 447 p = td->td_proc; 448 siginfo_to_siginfo32(&ksi->ksi_info, &siginfo); 449 450 PROC_LOCK_ASSERT(p, MA_OWNED); 451 sig = siginfo.si_signo; 452 psp = p->p_sigacts; 453 mtx_assert(&psp->ps_mtx, MA_OWNED); 454 regs = td->td_frame; 455 oonstack = sigonstack(regs->tf_rsp); 456 457 /* Save user context. */ 458 bzero(&sf, sizeof(sf)); 459 sf.sf_uc.uc_sigmask = *mask; 460 sf.sf_uc.uc_stack.ss_sp = (uintptr_t)td->td_sigstk.ss_sp; 461 sf.sf_uc.uc_stack.ss_size = td->td_sigstk.ss_size; 462 sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) 463 ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE; 464 sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0; 465 sf.sf_uc.uc_mcontext.mc_edi = regs->tf_rdi; 466 sf.sf_uc.uc_mcontext.mc_esi = regs->tf_rsi; 467 sf.sf_uc.uc_mcontext.mc_ebp = regs->tf_rbp; 468 sf.sf_uc.uc_mcontext.mc_isp = regs->tf_rsp; /* XXX */ 469 sf.sf_uc.uc_mcontext.mc_ebx = regs->tf_rbx; 470 sf.sf_uc.uc_mcontext.mc_edx = regs->tf_rdx; 471 sf.sf_uc.uc_mcontext.mc_ecx = regs->tf_rcx; 472 sf.sf_uc.uc_mcontext.mc_eax = regs->tf_rax; 473 sf.sf_uc.uc_mcontext.mc_trapno = regs->tf_trapno; 474 sf.sf_uc.uc_mcontext.mc_err = regs->tf_err; 475 sf.sf_uc.uc_mcontext.mc_eip = regs->tf_rip; 476 sf.sf_uc.uc_mcontext.mc_cs = regs->tf_cs; 477 sf.sf_uc.uc_mcontext.mc_eflags = regs->tf_rflags; 478 sf.sf_uc.uc_mcontext.mc_esp = regs->tf_rsp; 479 sf.sf_uc.uc_mcontext.mc_ss = regs->tf_ss; 480 sf.sf_uc.uc_mcontext.mc_ds = regs->tf_ds; 481 sf.sf_uc.uc_mcontext.mc_es = regs->tf_es; 482 sf.sf_uc.uc_mcontext.mc_fs = regs->tf_fs; 483 sf.sf_uc.uc_mcontext.mc_gs = regs->tf_gs; 484 bzero(sf.sf_uc.uc_mcontext.mc_fpregs, 485 sizeof(sf.sf_uc.uc_mcontext.mc_fpregs)); 486 bzero(sf.sf_uc.uc_mcontext.__spare__, 487 sizeof(sf.sf_uc.uc_mcontext.__spare__)); 488 bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__)); 489 490 /* Allocate space for the signal handler context. */ 491 if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && 492 SIGISMEMBER(psp->ps_sigonstack, sig)) { 493 sfp = (struct ia32_sigframe4 *)((uintptr_t)td->td_sigstk.ss_sp + 494 td->td_sigstk.ss_size - sizeof(sf)); 495 } else 496 sfp = (struct ia32_sigframe4 *)regs->tf_rsp - 1; 497 PROC_UNLOCK(p); 498 499 /* Build the argument list for the signal handler. */ 500 sf.sf_signum = sig; 501 sf.sf_ucontext = (register_t)&sfp->sf_uc; 502 bzero(&sf.sf_si, sizeof(sf.sf_si)); 503 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 504 /* Signal handler installed with SA_SIGINFO. */ 505 sf.sf_siginfo = (u_int32_t)(uintptr_t)&sfp->sf_si; 506 sf.sf_ah = (u_int32_t)(uintptr_t)catcher; 507 508 /* Fill in POSIX parts */ 509 sf.sf_si = siginfo; 510 sf.sf_si.si_signo = sig; 511 } else { 512 /* Old FreeBSD-style arguments. */ 513 sf.sf_siginfo = siginfo.si_code; 514 sf.sf_addr = (u_int32_t)siginfo.si_addr; 515 sf.sf_ah = (u_int32_t)(uintptr_t)catcher; 516 } 517 mtx_unlock(&psp->ps_mtx); 518 519 /* 520 * Copy the sigframe out to the user's stack. 521 */ 522 if (copyout(&sf, sfp, sizeof(*sfp)) != 0) { 523 #ifdef DEBUG 524 printf("process %ld has trashed its stack\n", (long)p->p_pid); 525 #endif 526 PROC_LOCK(p); 527 sigexit(td, SIGILL); 528 } 529 530 regs->tf_rsp = (uintptr_t)sfp; 531 regs->tf_rip = p->p_sysent->sv_sigcode_base + sz_ia32_sigcode - 532 sz_freebsd4_ia32_sigcode; 533 regs->tf_rflags &= ~(PSL_T | PSL_D); 534 regs->tf_cs = _ucode32sel; 535 regs->tf_ss = _udatasel; 536 regs->tf_ds = _udatasel; 537 regs->tf_es = _udatasel; 538 set_pcb_flags(td->td_pcb, PCB_FULL_IRET); 539 /* leave user %fs and %gs untouched */ 540 PROC_LOCK(p); 541 mtx_lock(&psp->ps_mtx); 542 } 543 #endif /* COMPAT_FREEBSD4 */ 544 545 void 546 ia32_sendsig(sig_t catcher, ksiginfo_t *ksi, sigset_t *mask) 547 { 548 struct ia32_sigframe sf, *sfp; 549 struct siginfo32 siginfo; 550 struct proc *p; 551 struct thread *td; 552 struct sigacts *psp; 553 char *sp; 554 struct trapframe *regs; 555 char *xfpusave; 556 size_t xfpusave_len; 557 int oonstack; 558 int sig; 559 560 siginfo_to_siginfo32(&ksi->ksi_info, &siginfo); 561 td = curthread; 562 p = td->td_proc; 563 PROC_LOCK_ASSERT(p, MA_OWNED); 564 sig = siginfo.si_signo; 565 psp = p->p_sigacts; 566 #ifdef COMPAT_FREEBSD4 567 if (SIGISMEMBER(psp->ps_freebsd4, sig)) { 568 freebsd4_ia32_sendsig(catcher, ksi, mask); 569 return; 570 } 571 #endif 572 #ifdef COMPAT_43 573 if (SIGISMEMBER(psp->ps_osigset, sig)) { 574 ia32_osendsig(catcher, ksi, mask); 575 return; 576 } 577 #endif 578 mtx_assert(&psp->ps_mtx, MA_OWNED); 579 regs = td->td_frame; 580 oonstack = sigonstack(regs->tf_rsp); 581 582 if (cpu_max_ext_state_size > sizeof(struct savefpu) && use_xsave) { 583 xfpusave_len = cpu_max_ext_state_size - sizeof(struct savefpu); 584 xfpusave = __builtin_alloca(xfpusave_len); 585 } else { 586 xfpusave_len = 0; 587 xfpusave = NULL; 588 } 589 590 /* Save user context. */ 591 bzero(&sf, sizeof(sf)); 592 sf.sf_uc.uc_sigmask = *mask; 593 sf.sf_uc.uc_stack.ss_sp = (uintptr_t)td->td_sigstk.ss_sp; 594 sf.sf_uc.uc_stack.ss_size = td->td_sigstk.ss_size; 595 sf.sf_uc.uc_stack.ss_flags = (td->td_pflags & TDP_ALTSTACK) 596 ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE; 597 sf.sf_uc.uc_mcontext.mc_onstack = (oonstack) ? 1 : 0; 598 sf.sf_uc.uc_mcontext.mc_edi = regs->tf_rdi; 599 sf.sf_uc.uc_mcontext.mc_esi = regs->tf_rsi; 600 sf.sf_uc.uc_mcontext.mc_ebp = regs->tf_rbp; 601 sf.sf_uc.uc_mcontext.mc_isp = regs->tf_rsp; /* XXX */ 602 sf.sf_uc.uc_mcontext.mc_ebx = regs->tf_rbx; 603 sf.sf_uc.uc_mcontext.mc_edx = regs->tf_rdx; 604 sf.sf_uc.uc_mcontext.mc_ecx = regs->tf_rcx; 605 sf.sf_uc.uc_mcontext.mc_eax = regs->tf_rax; 606 sf.sf_uc.uc_mcontext.mc_trapno = regs->tf_trapno; 607 sf.sf_uc.uc_mcontext.mc_err = regs->tf_err; 608 sf.sf_uc.uc_mcontext.mc_eip = regs->tf_rip; 609 sf.sf_uc.uc_mcontext.mc_cs = regs->tf_cs; 610 sf.sf_uc.uc_mcontext.mc_eflags = regs->tf_rflags; 611 sf.sf_uc.uc_mcontext.mc_esp = regs->tf_rsp; 612 sf.sf_uc.uc_mcontext.mc_ss = regs->tf_ss; 613 sf.sf_uc.uc_mcontext.mc_ds = regs->tf_ds; 614 sf.sf_uc.uc_mcontext.mc_es = regs->tf_es; 615 sf.sf_uc.uc_mcontext.mc_fs = regs->tf_fs; 616 sf.sf_uc.uc_mcontext.mc_gs = regs->tf_gs; 617 sf.sf_uc.uc_mcontext.mc_len = sizeof(sf.sf_uc.uc_mcontext); /* magic */ 618 ia32_get_fpcontext(td, &sf.sf_uc.uc_mcontext, xfpusave, xfpusave_len); 619 fpstate_drop(td); 620 sf.sf_uc.uc_mcontext.mc_fsbase = td->td_pcb->pcb_fsbase; 621 sf.sf_uc.uc_mcontext.mc_gsbase = td->td_pcb->pcb_gsbase; 622 bzero(sf.sf_uc.__spare__, sizeof(sf.sf_uc.__spare__)); 623 624 /* Allocate space for the signal handler context. */ 625 if ((td->td_pflags & TDP_ALTSTACK) != 0 && !oonstack && 626 SIGISMEMBER(psp->ps_sigonstack, sig)) 627 sp = (char *)td->td_sigstk.ss_sp + td->td_sigstk.ss_size; 628 else 629 sp = (char *)regs->tf_rsp; 630 if (xfpusave != NULL) { 631 sp -= xfpusave_len; 632 sp = (char *)((unsigned long)sp & ~0x3Ful); 633 sf.sf_uc.uc_mcontext.mc_xfpustate = (register_t)sp; 634 } 635 sp -= sizeof(sf); 636 /* Align to 16 bytes. */ 637 sfp = (struct ia32_sigframe *)((uintptr_t)sp & ~0xF); 638 PROC_UNLOCK(p); 639 640 /* Build the argument list for the signal handler. */ 641 sf.sf_signum = sig; 642 sf.sf_ucontext = (register_t)&sfp->sf_uc; 643 bzero(&sf.sf_si, sizeof(sf.sf_si)); 644 if (SIGISMEMBER(psp->ps_siginfo, sig)) { 645 /* Signal handler installed with SA_SIGINFO. */ 646 sf.sf_siginfo = (u_int32_t)(uintptr_t)&sfp->sf_si; 647 sf.sf_ah = (u_int32_t)(uintptr_t)catcher; 648 649 /* Fill in POSIX parts */ 650 sf.sf_si = siginfo; 651 sf.sf_si.si_signo = sig; 652 } else { 653 /* Old FreeBSD-style arguments. */ 654 sf.sf_siginfo = siginfo.si_code; 655 sf.sf_addr = (u_int32_t)siginfo.si_addr; 656 sf.sf_ah = (u_int32_t)(uintptr_t)catcher; 657 } 658 mtx_unlock(&psp->ps_mtx); 659 660 /* 661 * Copy the sigframe out to the user's stack. 662 */ 663 if (copyout(&sf, sfp, sizeof(*sfp)) != 0 || 664 (xfpusave != NULL && copyout(xfpusave, 665 PTRIN(sf.sf_uc.uc_mcontext.mc_xfpustate), xfpusave_len) 666 != 0)) { 667 #ifdef DEBUG 668 printf("process %ld has trashed its stack\n", (long)p->p_pid); 669 #endif 670 PROC_LOCK(p); 671 sigexit(td, SIGILL); 672 } 673 674 regs->tf_rsp = (uintptr_t)sfp; 675 regs->tf_rip = p->p_sysent->sv_sigcode_base; 676 regs->tf_rflags &= ~(PSL_T | PSL_D); 677 regs->tf_cs = _ucode32sel; 678 regs->tf_ss = _udatasel; 679 regs->tf_ds = _udatasel; 680 regs->tf_es = _udatasel; 681 set_pcb_flags(td->td_pcb, PCB_FULL_IRET); 682 /* XXXKIB leave user %fs and %gs untouched */ 683 PROC_LOCK(p); 684 mtx_lock(&psp->ps_mtx); 685 } 686 687 /* 688 * System call to cleanup state after a signal 689 * has been taken. Reset signal mask and 690 * stack state from context left by sendsig (above). 691 * Return to previous pc and psl as specified by 692 * context left by sendsig. Check carefully to 693 * make sure that the user has not modified the 694 * state to gain improper privileges. 695 */ 696 697 #ifdef COMPAT_43 698 int 699 ofreebsd32_sigreturn(struct thread *td, struct ofreebsd32_sigreturn_args *uap) 700 { 701 struct ia32_sigcontext3 sc, *scp; 702 struct trapframe *regs; 703 int eflags, error; 704 ksiginfo_t ksi; 705 706 regs = td->td_frame; 707 error = copyin(uap->sigcntxp, &sc, sizeof(sc)); 708 if (error != 0) 709 return (error); 710 scp = ≻ 711 eflags = scp->sc_eflags; 712 if (!EFL_SECURE(eflags, regs->tf_rflags)) { 713 return (EINVAL); 714 } 715 if (!CS_SECURE(scp->sc_cs)) { 716 ksiginfo_init_trap(&ksi); 717 ksi.ksi_signo = SIGBUS; 718 ksi.ksi_code = BUS_OBJERR; 719 ksi.ksi_trapno = T_PROTFLT; 720 ksi.ksi_addr = (void *)regs->tf_rip; 721 trapsignal(td, &ksi); 722 return (EINVAL); 723 } 724 regs->tf_ds = scp->sc_ds; 725 regs->tf_es = scp->sc_es; 726 regs->tf_fs = scp->sc_fs; 727 regs->tf_gs = scp->sc_gs; 728 729 regs->tf_rax = scp->sc_eax; 730 regs->tf_rbx = scp->sc_ebx; 731 regs->tf_rcx = scp->sc_ecx; 732 regs->tf_rdx = scp->sc_edx; 733 regs->tf_rsi = scp->sc_esi; 734 regs->tf_rdi = scp->sc_edi; 735 regs->tf_cs = scp->sc_cs; 736 regs->tf_ss = scp->sc_ss; 737 regs->tf_rbp = scp->sc_ebp; 738 regs->tf_rsp = scp->sc_esp; 739 regs->tf_rip = scp->sc_eip; 740 regs->tf_rflags = eflags; 741 742 if (scp->sc_onstack & 1) 743 td->td_sigstk.ss_flags |= SS_ONSTACK; 744 else 745 td->td_sigstk.ss_flags &= ~SS_ONSTACK; 746 747 kern_sigprocmask(td, SIG_SETMASK, (sigset_t *)&scp->sc_mask, NULL, 748 SIGPROCMASK_OLD); 749 set_pcb_flags(td->td_pcb, PCB_FULL_IRET); 750 return (EJUSTRETURN); 751 } 752 #endif 753 754 #ifdef COMPAT_FREEBSD4 755 /* 756 * MPSAFE 757 */ 758 int 759 freebsd4_freebsd32_sigreturn(td, uap) 760 struct thread *td; 761 struct freebsd4_freebsd32_sigreturn_args /* { 762 const struct freebsd4_freebsd32_ucontext *sigcntxp; 763 } */ *uap; 764 { 765 struct ia32_ucontext4 uc; 766 struct trapframe *regs; 767 struct ia32_ucontext4 *ucp; 768 int cs, eflags, error; 769 ksiginfo_t ksi; 770 771 error = copyin(uap->sigcntxp, &uc, sizeof(uc)); 772 if (error != 0) 773 return (error); 774 ucp = &uc; 775 regs = td->td_frame; 776 eflags = ucp->uc_mcontext.mc_eflags; 777 /* 778 * Don't allow users to change privileged or reserved flags. 779 */ 780 if (!EFL_SECURE(eflags, regs->tf_rflags)) { 781 uprintf("pid %d (%s): freebsd4_freebsd32_sigreturn eflags = 0x%x\n", 782 td->td_proc->p_pid, td->td_name, eflags); 783 return (EINVAL); 784 } 785 786 /* 787 * Don't allow users to load a valid privileged %cs. Let the 788 * hardware check for invalid selectors, excess privilege in 789 * other selectors, invalid %eip's and invalid %esp's. 790 */ 791 cs = ucp->uc_mcontext.mc_cs; 792 if (!CS_SECURE(cs)) { 793 uprintf("pid %d (%s): freebsd4_sigreturn cs = 0x%x\n", 794 td->td_proc->p_pid, td->td_name, cs); 795 ksiginfo_init_trap(&ksi); 796 ksi.ksi_signo = SIGBUS; 797 ksi.ksi_code = BUS_OBJERR; 798 ksi.ksi_trapno = T_PROTFLT; 799 ksi.ksi_addr = (void *)regs->tf_rip; 800 trapsignal(td, &ksi); 801 return (EINVAL); 802 } 803 804 regs->tf_rdi = ucp->uc_mcontext.mc_edi; 805 regs->tf_rsi = ucp->uc_mcontext.mc_esi; 806 regs->tf_rbp = ucp->uc_mcontext.mc_ebp; 807 regs->tf_rbx = ucp->uc_mcontext.mc_ebx; 808 regs->tf_rdx = ucp->uc_mcontext.mc_edx; 809 regs->tf_rcx = ucp->uc_mcontext.mc_ecx; 810 regs->tf_rax = ucp->uc_mcontext.mc_eax; 811 regs->tf_trapno = ucp->uc_mcontext.mc_trapno; 812 regs->tf_err = ucp->uc_mcontext.mc_err; 813 regs->tf_rip = ucp->uc_mcontext.mc_eip; 814 regs->tf_cs = cs; 815 regs->tf_rflags = ucp->uc_mcontext.mc_eflags; 816 regs->tf_rsp = ucp->uc_mcontext.mc_esp; 817 regs->tf_ss = ucp->uc_mcontext.mc_ss; 818 regs->tf_ds = ucp->uc_mcontext.mc_ds; 819 regs->tf_es = ucp->uc_mcontext.mc_es; 820 regs->tf_fs = ucp->uc_mcontext.mc_fs; 821 regs->tf_gs = ucp->uc_mcontext.mc_gs; 822 823 kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0); 824 set_pcb_flags(td->td_pcb, PCB_FULL_IRET); 825 return (EJUSTRETURN); 826 } 827 #endif /* COMPAT_FREEBSD4 */ 828 829 /* 830 * MPSAFE 831 */ 832 int 833 freebsd32_sigreturn(td, uap) 834 struct thread *td; 835 struct freebsd32_sigreturn_args /* { 836 const struct freebsd32_ucontext *sigcntxp; 837 } */ *uap; 838 { 839 struct ia32_ucontext uc; 840 struct trapframe *regs; 841 struct ia32_ucontext *ucp; 842 char *xfpustate; 843 size_t xfpustate_len; 844 int cs, eflags, error, ret; 845 ksiginfo_t ksi; 846 847 error = copyin(uap->sigcntxp, &uc, sizeof(uc)); 848 if (error != 0) 849 return (error); 850 ucp = &uc; 851 regs = td->td_frame; 852 eflags = ucp->uc_mcontext.mc_eflags; 853 /* 854 * Don't allow users to change privileged or reserved flags. 855 */ 856 if (!EFL_SECURE(eflags, regs->tf_rflags)) { 857 uprintf("pid %d (%s): freebsd32_sigreturn eflags = 0x%x\n", 858 td->td_proc->p_pid, td->td_name, eflags); 859 return (EINVAL); 860 } 861 862 /* 863 * Don't allow users to load a valid privileged %cs. Let the 864 * hardware check for invalid selectors, excess privilege in 865 * other selectors, invalid %eip's and invalid %esp's. 866 */ 867 cs = ucp->uc_mcontext.mc_cs; 868 if (!CS_SECURE(cs)) { 869 uprintf("pid %d (%s): sigreturn cs = 0x%x\n", 870 td->td_proc->p_pid, td->td_name, cs); 871 ksiginfo_init_trap(&ksi); 872 ksi.ksi_signo = SIGBUS; 873 ksi.ksi_code = BUS_OBJERR; 874 ksi.ksi_trapno = T_PROTFLT; 875 ksi.ksi_addr = (void *)regs->tf_rip; 876 trapsignal(td, &ksi); 877 return (EINVAL); 878 } 879 880 if ((ucp->uc_mcontext.mc_flags & _MC_HASFPXSTATE) != 0) { 881 xfpustate_len = uc.uc_mcontext.mc_xfpustate_len; 882 if (xfpustate_len > cpu_max_ext_state_size - 883 sizeof(struct savefpu)) { 884 uprintf("pid %d (%s): sigreturn xfpusave_len = 0x%zx\n", 885 td->td_proc->p_pid, td->td_name, xfpustate_len); 886 return (EINVAL); 887 } 888 xfpustate = __builtin_alloca(xfpustate_len); 889 error = copyin(PTRIN(ucp->uc_mcontext.mc_xfpustate), 890 xfpustate, xfpustate_len); 891 if (error != 0) { 892 uprintf( 893 "pid %d (%s): sigreturn copying xfpustate failed\n", 894 td->td_proc->p_pid, td->td_name); 895 return (error); 896 } 897 } else { 898 xfpustate = NULL; 899 xfpustate_len = 0; 900 } 901 ret = ia32_set_fpcontext(td, &ucp->uc_mcontext, xfpustate, 902 xfpustate_len); 903 if (ret != 0) { 904 uprintf("pid %d (%s): sigreturn set_fpcontext err %d\n", 905 td->td_proc->p_pid, td->td_name, ret); 906 return (ret); 907 } 908 909 regs->tf_rdi = ucp->uc_mcontext.mc_edi; 910 regs->tf_rsi = ucp->uc_mcontext.mc_esi; 911 regs->tf_rbp = ucp->uc_mcontext.mc_ebp; 912 regs->tf_rbx = ucp->uc_mcontext.mc_ebx; 913 regs->tf_rdx = ucp->uc_mcontext.mc_edx; 914 regs->tf_rcx = ucp->uc_mcontext.mc_ecx; 915 regs->tf_rax = ucp->uc_mcontext.mc_eax; 916 regs->tf_trapno = ucp->uc_mcontext.mc_trapno; 917 regs->tf_err = ucp->uc_mcontext.mc_err; 918 regs->tf_rip = ucp->uc_mcontext.mc_eip; 919 regs->tf_cs = cs; 920 regs->tf_rflags = ucp->uc_mcontext.mc_eflags; 921 regs->tf_rsp = ucp->uc_mcontext.mc_esp; 922 regs->tf_ss = ucp->uc_mcontext.mc_ss; 923 regs->tf_ds = ucp->uc_mcontext.mc_ds; 924 regs->tf_es = ucp->uc_mcontext.mc_es; 925 regs->tf_fs = ucp->uc_mcontext.mc_fs; 926 regs->tf_gs = ucp->uc_mcontext.mc_gs; 927 regs->tf_flags = TF_HASSEGS; 928 929 kern_sigprocmask(td, SIG_SETMASK, &ucp->uc_sigmask, NULL, 0); 930 set_pcb_flags(td->td_pcb, PCB_FULL_IRET); 931 return (EJUSTRETURN); 932 } 933 934 /* 935 * Clear registers on exec 936 */ 937 void 938 ia32_setregs(struct thread *td, struct image_params *imgp, u_long stack) 939 { 940 struct trapframe *regs = td->td_frame; 941 struct pcb *pcb = td->td_pcb; 942 943 if (td->td_proc->p_md.md_ldt != NULL) 944 user_ldt_free(td); 945 #ifdef COMPAT_43 946 setup_lcall_gate(); 947 #endif 948 949 pcb->pcb_fsbase = 0; 950 pcb->pcb_gsbase = 0; 951 pcb->pcb_initial_fpucw = __INITIAL_FPUCW_I386__; 952 953 bzero((char *)regs, sizeof(struct trapframe)); 954 regs->tf_rip = imgp->entry_addr; 955 regs->tf_rsp = stack; 956 regs->tf_rflags = PSL_USER | (regs->tf_rflags & PSL_T); 957 regs->tf_ss = _udatasel; 958 regs->tf_cs = _ucode32sel; 959 regs->tf_rbx = imgp->ps_strings; 960 regs->tf_ds = _udatasel; 961 regs->tf_es = _udatasel; 962 regs->tf_fs = _ufssel; 963 regs->tf_gs = _ugssel; 964 regs->tf_flags = TF_HASSEGS; 965 966 fpstate_drop(td); 967 968 /* Return via doreti so that we can change to a different %cs */ 969 set_pcb_flags(pcb, PCB_32BIT | PCB_FULL_IRET); 970 } 971