# Copyright (c) 2007-2008 The Hewlett-Packard Development Company # All rights reserved. # # The license below extends only to copyright in the software and shall # not be construed as granting a license to any other intellectual # property including but not limited to intellectual property relating # to a hardware implementation of the functionality of the software # licensed hereunder. You may use the software subject to the license # terms below provided that you ensure that this notice is replicated # unmodified and in its entirety in all distributions of the software, # modified or unmodified, in source code or in binary form. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer; # redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution; # neither the name of the copyright holders nor the names of its # contributors may be used to endorse or promote products derived from # this software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # Authors: Gabe Black microcode = ''' def macroop IRET_REAL { .serializing panic "Real mode iret isn't implemented!" }; def macroop IRET_PROT { .serializing .adjust_env oszIn64Override # Check for a nested task. This isn't supported at the moment. rflag t1, 14; #NT bit panic "Task switching with iret is unimplemented!", flags=(nCEZF,) #t1 = temp_RIP #t2 = temp_CS #t3 = temp_RFLAGS #t4 = handy m5 register # Pop temp_RIP, temp_CS, and temp_RFLAGS ld t1, ss, [1, t0, rsp], "0 * env.stackSize", dataSize=ssz ld t2, ss, [1, t0, rsp], "1 * env.stackSize", dataSize=ssz ld t3, ss, [1, t0, rsp], "2 * env.stackSize", dataSize=ssz # Read the handy m5 register for use later rdm5reg t4 ### ### Handle if we're returning to virtual 8086 mode. ### #IF ((temp_RFLAGS.VM=1) && (CPL=0) && (LEGACY_MODE)) # IRET_FROM_PROTECTED_TO_VIRTUAL #temp_RFLAGS.VM != 1 rcri t0, t3, 18, flags=(ECF,) br label("protToVirtFallThrough"), flags=(nCECF,) #CPL=0 andi t0, t4, 0x30, flags=(EZF,) br label("protToVirtFallThrough"), flags=(nCEZF,) #(LEGACY_MODE) rcri t0, t4, 1, flags=(ECF,) br label("protToVirtFallThrough"), flags=(nCECF,) panic "iret to virtual mode not supported" protToVirtFallThrough: #temp_CPL = temp_CS.rpl andi t5, t2, 0x3 ### ### Read in the info for the new CS segment. ### #CS = READ_DESCRIPTOR (temp_CS, iret_chk) andi t0, t2, 0xFC, flags=(EZF,), dataSize=2 br label("processCSDescriptor"), flags=(CEZF,) andi t6, t2, 0xF8, dataSize=8 andi t0, t2, 0x4, flags=(EZF,), dataSize=2 br label("globalCSDescriptor"), flags=(CEZF,) ld t8, tsl, [1, t0, t6], dataSize=8, atCPL0=True br label("processCSDescriptor") globalCSDescriptor: ld t8, tsg, [1, t0, t6], dataSize=8, atCPL0=True processCSDescriptor: chks t2, t6, dataSize=8 ### ### Get the new stack pointer and stack segment off the old stack if necessary, ### and piggyback on the logic to check the new RIP value. ### #IF ((64BIT_MODE) || (temp_CPL!=CPL)) #{ #(64BIT_MODE) andi t0, t4, 0xE, flags=(EZF,) # Since we just found out we're in 64 bit mode, take advantage and # do the appropriate RIP checks. br label("doPopStackStuffAndCheckRIP"), flags=(CEZF,) # Here, we know we're -not- in 64 bit mode, so we should do the # appropriate/other RIP checks. # if temp_RIP > CS.limit throw #GP(0) rdlimit t6, cs, dataSize=8 sub t0, t1, t6, flags=(ECF,) fault "std::make_shared(0)", flags=(CECF,) #(temp_CPL!=CPL) srli t7, t4, 4 xor t7, t7, t5 andi t0, t7, 0x3, flags=(EZF,) br label("doPopStackStuff"), flags=(nCEZF,) # We can modify user visible state here because we're know # we're done with things that can fault. addi rsp, rsp, "3 * env.stackSize" br label("fallThroughPopStackStuff") doPopStackStuffAndCheckRIP: # Check if the RIP is canonical. srai t7, t1, 47, flags=(EZF,), dataSize=ssz # if t7 isn't 0 or -1, it wasn't canonical. br label("doPopStackStuff"), flags=(CEZF,) addi t0, t7, 1, flags=(EZF,), dataSize=ssz fault "std::make_shared(0)", flags=(nCEZF,) doPopStackStuff: # POP.v temp_RSP ld t6, ss, [1, t0, rsp], "3 * env.dataSize", dataSize=ssz # POP.v temp_SS ld t9, ss, [1, t0, rsp], "4 * env.dataSize", dataSize=ssz # SS = READ_DESCRIPTOR (temp_SS, ss_chk) andi t0, t9, 0xFC, flags=(EZF,), dataSize=2 br label("processSSDescriptor"), flags=(CEZF,) andi t7, t9, 0xF8, dataSize=8 andi t0, t9, 0x4, flags=(EZF,), dataSize=2 br label("globalSSDescriptor"), flags=(CEZF,) ld t7, tsl, [1, t0, t7], dataSize=8, atCPL0=True br label("processSSDescriptor") globalSSDescriptor: ld t7, tsg, [1, t0, t7], dataSize=8, atCPL0=True processSSDescriptor: chks t9, t7, dataSize=8 # This actually updates state which is wrong. It should wait until we know # we're not going to fault. Unfortunately, that's hard to do. wrdl ss, t7, t9 wrsel ss, t9 ### ### From this point downwards, we can't fault. We can update user visible state. ### # RSP.s = temp_RSP mov rsp, rsp, t6, dataSize=ssz #} fallThroughPopStackStuff: # Update CS wrdl cs, t8, t2 wrsel cs, t2 #CPL = temp_CPL #IF (changing CPL) #{ srli t7, t4, 4 xor t7, t7, t5 andi t0, t7, 0x3, flags=(EZF,) br label("skipSegmentSquashing"), flags=(CEZF,) # The attribute register needs to keep track of more info before this will # work the way it needs to. # FOR (seg = ES, DS, FS, GS) # IF ((seg.attr.dpl < cpl && ((seg.attr.type = 'data') # || (seg.attr.type = 'non-conforming-code'))) # { # seg = NULL # } #} skipSegmentSquashing: # Ignore this for now. #RFLAGS.v = temp_RFLAGS wrflags t0, t3 # VIF,VIP,IOPL only changed if (old_CPL = 0) # IF only changed if (old_CPL <= old_RFLAGS.IOPL) # VM unchanged # RF cleared #RIP = temp_RIP wrip t0, t1, dataSize=ssz }; def macroop IRET_VIRT { panic "Virtual mode iret isn't implemented!" }; def macroop INT3 { limm t1, 0x03, dataSize=8 rdip t7 # Are we in long mode? rdm5reg t5 andi t0, t5, 0x1, flags=(EZF,) br rom_label("longModeSoftInterrupt"), flags=(CEZF,) br rom_label("legacyModeInterrupt") }; def macroop INT_I { #load the byte-sized interrupt vector specified in the instruction .adjust_imm trimImm(8) limm t1, imm, dataSize=8 rdip t7 # Are we in long mode? rdm5reg t5 andi t0, t5, 0x1, flags=(EZF,) br rom_label("longModeSoftInterrupt"), flags=(CEZF,) br rom_label("legacyModeInterrupt") }; ''' #let {{ # class INT(Inst): # "GenFault ${new UnimpInstFault}" # class INTO(Inst): # "GenFault ${new UnimpInstFault}" #}};