# Copyright (c) 2007-2008 The Hewlett-Packard Development Company
# All rights reserved.
#
# Redistribution and use of this software in source and binary forms,
# with or without modification, are permitted provided that the
# following conditions are met:
#
# The software must be used only for Non-Commercial Use which means any
# use which is NOT directed to receiving any direct monetary
# compensation for, or commercial advantage from such use. Illustrative
# examples of non-commercial use are academic research, personal study,
# teaching, education and corporate research & development.
# Illustrative examples of commercial use are distributing products for
# commercial advantage and providing services using the software for
# commercial advantage.
#
# If you wish to use this software or functionality therein that may be
# covered by patents for commercial use, please contact:
# Director of Intellectual Property Licensing
# Office of Strategy and Technology
# Hewlett-Packard Company
# 1501 Page Mill Road
# Palo Alto, California 94304
#
# Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer. Redistributions
# in binary form must reproduce the above copyright notice, this list of
# conditions and the following disclaimer in the documentation and/or
# other materials provided with the distribution. Neither the name of
# the COPYRIGHT HOLDER(s), HEWLETT-PACKARD COMPANY, nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission. No right of
# sublicense is granted herewith. Derivatives of the software and
# output created using the software may be prepared, but only for
# Non-Commercial Uses. Derivatives of the software may be shared with
# others provided: (i) the others agree to abide by the list of
# conditions herein which includes the Non-Commercial Use restrictions;
# and (ii) such Derivatives of the software include the above copyright
# notice to acknowledge the contribution from this software where
# applicable, this list of conditions and the disclaimer below.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# Authors: Gabe Black

microcode = '''
# IRET_REAL: real-mode IRET. Not implemented; the macroop consists of a
# single panic microop carrying the message below.
def macroop IRET_REAL {
    panic "Real mode iret isn't implemented!"
};

# IRET_PROT: protected-mode IRET. The steps below, in order:
#   1. panic if the NT flag indicates a nested task (task switch
#      unsupported);
#   2. read the return RIP, the CS selector and the RFLAGS image from the
#      stack through ss, without moving rsp yet;
#   3. panic if the return would enter virtual-8086 mode;
#   4. fetch and check the descriptor for the new CS, then install it;
#   5. check the new RIP (against the CS limit outside 64-bit mode, for
#      canonical form inside it);
#   6. in 64-bit mode or on a privilege-level change, read the new RSP and
#      SS from the stack and fetch/check the SS descriptor.
def macroop IRET_PROT {
    .adjust_env oszIn64Override

    # Check for a nested task. This isn't supported at the moment.
    # t1 is only a scratch destination here; it is reloaded with temp_RIP
    # below. The panic is predicated on flags=(nCEZF,); presumably that
    # fires when NT is set -- confirm.
    rflag t1, NT
    panic "Task switching with iret is unimplemented!", flags=(nCEZF,)

    # Scratch register roles used below:
    #t1 = temp_RIP
    #t2 = temp_CS (reused for temp_SS once CS has been written)
    #t3 = temp_RFLAGS
    #t4 = handy m5 register
    #t5 = temp_CPL (low two bits of temp_CS)
    #t6, t7 = scratch: descriptor offsets/contents, the CS limit, temp_RSP

    # Pop temp_RIP, temp_CS, and temp_RFLAGS
    # These are plain loads at fixed offsets from rsp; rsp itself is not
    # adjusted here.
    ld t1, ss, [1, t0, rsp], "0 * env.stackSize", dataSize=ssz
    ld t2, ss, [1, t0, rsp], "1 * env.stackSize", dataSize=ssz
    ld t3, ss, [1, t0, rsp], "2 * env.stackSize", dataSize=ssz



###
### Handle if we're returning to virtual 8086 mode.
###

    #IF ((temp_RFLAGS.VM=1) && (CPL=0) && (LEGACY_MODE))
    #    IRET_FROM_PROTECTED_TO_VIRTUAL
    # Each test below branches past the panic as soon as one of the three
    # conditions fails, so the panic is reached only when all three hold.

    #temp_RFLAGS.VM != 1
    # Rotating right through carry by 18 leaves bit 17 of temp_RFLAGS (VM)
    # in the carry flag.
    rcri t0, t3, 18, flags=(ECF,)
    br label("protToVirtFallThrough"), flags=(nCECF,)

    #CPL=0
    # Mask 0x30 selects bits 5:4 of the m5 register, which this code treats
    # as the current CPL (compare the srli by 4 further down).
    rdm5reg t4
    andi t0, t4, 0x30, flags=(EZF,)
    br label("protToVirtFallThrough"), flags=(nCEZF,)

    #(LEGACY_MODE)
    # Rotating by 1 puts bit 0 of the m5 register in the carry flag.
    rcri t0, t4, 1, flags=(ECF,)
    br label("protToVirtFallThrough"), flags=(nCECF,)

    panic "iret to virtual mode not supported"

protToVirtFallThrough:



    #temp_CPL = temp_CS.rpl
    andi t5, t2, 0x3


###
### Read in the info for the new CS segment.
###

    #CS = READ_DESCRIPTOR (temp_CS, iret_chk)
    # If selector bits 7:2 are all zero, skip the table lookup.
    # NOTE(review): mask 0xFC examines only the low byte of the 16-bit
    # selector, and the table offset below keeps only bits 7:3 (mask 0xF8).
    # Confirm how selectors with index bits above bit 7 are meant to be
    # handled.
    andi t0, t2, 0xFC, flags=(EZF,), dataSize=2
    br label("processCSDescriptor"), flags=(CEZF,)
    # t6 = offset of the descriptor within its table.
    andi t6, t2, 0xF8, dataSize=8
    # Selector bit 2 picks the table: clear -> tsg, set -> tsl.
    andi t0, t2, 0x4, flags=(EZF,), dataSize=2
    br label("globalCSDescriptor"), flags=(CEZF,)
    ld t6, tsl, [1, t0, t6], dataSize=8
    br label("processCSDescriptor")
globalCSDescriptor:
    ld t6, tsg, [1, t0, t6], dataSize=8
processCSDescriptor:
    # chks is handed the selector (t2) and the descriptor value (t6). On
    # the skip path above, t6 has not been written by this macroop yet.
    chks t2, t6, dataSize=8

    # This actually updates state which is wrong. It should wait until we know
    # we're not going to fault. Unfortunately, that's hard to do.
    # NOTE(review): both "fault" microops further down (CS limit and
    # canonical RIP checks) come after these writes, so an IRET that takes
    # one of those faults leaves the new CS already installed.
    wrdl cs, t6, t2
    wrsel cs, t2

    #CPL = temp_CPL


###
### Get the new stack pointer and stack segment off the old stack if necessary,
### and piggyback on the logic to check the new RIP value.
###
    #IF ((64BIT_MODE) || (temp_CPL!=CPL))
    #{

    #(64BIT_MODE)
    # Mask 0xE selects bits 3:1 of the m5 register; the branch is taken
    # when they are all zero.
    andi t0, t4, 0xE, flags=(EZF,)
    # Since we just found out we're in 64 bit mode, take advantage and
    # do the appropriate RIP checks.
    br label("doPopStackStuffAndCheckRIP"), flags=(CEZF,)

    # Here, we know we're -not- in 64 bit mode, so we should do the
    # appropriate/other RIP checks.
    # if temp_RIP > CS.limit throw #GP(0)
    # cs was rewritten above, so the limit read here is the new segment's.
    # NOTE(review): every other immediate-form op in this listing (andi,
    # rcri, srli, addi) is given a literal or a quoted expression, while
    # subi here is given register t6 -- confirm the register form was not
    # intended. Also confirm that the carry produced by t1 - t6 is set in
    # the case the comment describes (temp_RIP above the limit) and not in
    # the opposite one.
    rdlimit t6, cs
    subi t0, t1, t6, flags=(ECF,)
    fault "new GeneralProtection(0)", flags=(CECF,)

    #(temp_CPL!=CPL)
    # t7 = (m5 register >> 4) xor temp_CPL; its low two bits are non-zero
    # exactly when the current CPL and temp_CPL differ.
    srli t7, t4, 4
    xor t7, t7, t5
    andi t0, t7, 0x3, flags=(EZF,)
    br label("doPopStackStuff"), flags=(nCEZF,)
    # We can modify user visible state here because we know
    # we're done with things that can fault.
    # Same privilege level outside 64-bit mode: only the three words read
    # at the top are consumed from the stack.
    addi rsp, rsp, "3 * env.stackSize"
    br label("fallThroughPopStackStuff")

doPopStackStuffAndCheckRIP:
    # Check if the RIP is canonical.
    # t7 = temp_RIP arithmetically shifted right by 47; zero means every
    # bit from 47 upward was clear.
    sra t7, t1, 47, flags=(EZF,), dataSize=ssz
    # if t7 isn't 0 or -1, it wasn't canonical.
    br label("doPopStackStuff"), flags=(CEZF,)
    # t7 + 1 is zero only when t7 was -1 (every bit from 47 upward set).
    addi t0, t7, 1, flags=(EZF,), dataSize=ssz
    fault "new GeneralProtection(0)", flags=(nCEZF,)

doPopStackStuff:
    # NOTE(review): the two loads below scale their offsets by env.dataSize,
    # while the three loads at the top of the macroop scale by
    # env.stackSize -- confirm both address the same stack frame layout.
    # POP.v temp_RSP
    ld t6, ss, [1, t0, rsp], "3 * env.dataSize", dataSize=ssz
    # POP.v temp_SS
    ld t2, ss, [1, t0, rsp], "4 * env.dataSize", dataSize=ssz
    # SS = READ_DESCRIPTOR (temp_SS, ss_chk)
    # Same lookup shape as for CS above, with t7 as the descriptor scratch
    # register; the masks 0xFC and 0xF8 carry the same low-byte-only
    # caveat.
    andi t0, t2, 0xFC, flags=(EZF,), dataSize=2
    br label("processSSDescriptor"), flags=(CEZF,)
    andi t7, t2, 0xF8, dataSize=8
    andi t0, t2, 0x4, flags=(EZF,), dataSize=2
    br label("globalSSDescriptor"), flags=(CEZF,)
    ld t7, tsl, [1, t0, t7], dataSize=8
    br label("processSSDescriptor")
globalSSDescriptor:
    ld t7, tsg, [1, t0, t7], dataSize=8
processSSDescriptor:
    # On the skip path t7 still holds the value left by the RIP or
    # privilege check, not a descriptor read from a table.
    chks t2, t7, dataSize=8

    # This actually updates state which is wrong. It should wait until we know
    # we're not going to fault. Unfortunately, that's hard to do.
| 1# Copyright (c) 2007-2008 The Hewlett-Packard Development Company 2# All rights reserved. 3# 4# Redistribution and use of this software in source and binary forms, 5# with or without modification, are permitted provided that the 6# following conditions are met: 7# 8# The software must be used only for Non-Commercial Use which means any 9# use which is NOT directed to receiving any direct monetary 10# compensation for, or commercial advantage from such use. Illustrative 11# examples of non-commercial use are academic research, personal study, 12# teaching, education and corporate research & development. 13# Illustrative examples of commercial use are distributing products for 14# commercial advantage and providing services using the software for 15# commercial advantage. 16# 17# If you wish to use this software or functionality therein that may be 18# covered by patents for commercial use, please contact: 19# Director of Intellectual Property Licensing 20# Office of Strategy and Technology 21# Hewlett-Packard Company 22# 1501 Page Mill Road 23# Palo Alto, California 94304 24# 25# Redistributions of source code must retain the above copyright notice, 26# this list of conditions and the following disclaimer. Redistributions 27# in binary form must reproduce the above copyright notice, this list of 28# conditions and the following disclaimer in the documentation and/or 29# other materials provided with the distribution. Neither the name of 30# the COPYRIGHT HOLDER(s), HEWLETT-PACKARD COMPANY, nor the names of its 31# contributors may be used to endorse or promote products derived from 32# this software without specific prior written permission. No right of 33# sublicense is granted herewith. Derivatives of the software and 34# output created using the software may be prepared, but only for 35# Non-Commercial Uses. 
Derivatives of the software may be shared with 36# others provided: (i) the others agree to abide by the list of 37# conditions herein which includes the Non-Commercial Use restrictions; 38# and (ii) such Derivatives of the software include the above copyright 39# notice to acknowledge the contribution from this software where 40# applicable, this list of conditions and the disclaimer below. 41# 42# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 43# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 44# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 45# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 46# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 47# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 48# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 49# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 50# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 51# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 52# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 53# 54# Authors: Gabe Black 55 56microcode = ''' 57def macroop IRET_REAL { 58 panic "Real mode iret isn't implemented!" 59}; 60 61def macroop IRET_PROT { 62 .adjust_env oszIn64Override 63 64 # Check for a nested task. This isn't supported at the moment. 65 rflag t1, NT 66 panic "Task switching with iret is unimplemented!", flags=(nCEZF,) 67 68 #t1 = temp_RIP 69 #t2 = temp_CS 70 #t3 = temp_RFLAGS 71 #t4 = handy m5 register 72 73 # Pop temp_RIP, temp_CS, and temp_RFLAGS 74 ld t1, ss, [1, t0, rsp], "0 * env.stackSize", dataSize=ssz 75 ld t2, ss, [1, t0, rsp], "1 * env.stackSize", dataSize=ssz 76 ld t3, ss, [1, t0, rsp], "2 * env.stackSize", dataSize=ssz 77 78 79 80### 81### Handle if we're returning to virtual 8086 mode. 
82### 83 84 #IF ((temp_RFLAGS.VM=1) && (CPL=0) && (LEGACY_MODE)) 85 # IRET_FROM_PROTECTED_TO_VIRTUAL 86 87 #temp_RFLAGS.VM != 1 88 rcri t0, t3, 18, flags=(ECF,) 89 br label("protToVirtFallThrough"), flags=(nCECF,) 90 91 #CPL=0 92 rdm5reg t4 93 andi t0, t4, 0x30, flags=(EZF,) 94 br label("protToVirtFallThrough"), flags=(nCEZF,) 95 96 #(LEGACY_MODE) 97 rcri t0, t4, 1, flags=(ECF,) 98 br label("protToVirtFallThrough"), flags=(nCECF,) 99 100 panic "iret to virtual mode not supported" 101 102protToVirtFallThrough: 103 104 105 106 #temp_CPL = temp_CS.rpl 107 andi t5, t2, 0x3 108 109 110### 111### Read in the info for the new CS segment. 112### 113 114 #CS = READ_DESCRIPTOR (temp_CS, iret_chk) 115 andi t0, t2, 0xFC, flags=(EZF,), dataSize=2 116 br label("processCSDescriptor"), flags=(CEZF,) 117 andi t6, t2, 0xF8, dataSize=8 118 andi t0, t2, 0x4, flags=(EZF,), dataSize=2 119 br label("globalCSDescriptor"), flags=(CEZF,) 120 ld t6, tsl, [1, t0, t6], dataSize=8 121 br label("processCSDescriptor") 122globalCSDescriptor: 123 ld t6, tsg, [1, t0, t6], dataSize=8 124processCSDescriptor: 125 chks t2, t6, dataSize=8 126 127 # This actually updates state which is wrong. It should wait until we know 128 # we're not going to fault. Unfortunately, that's hard to do. 129 wrdl cs, t6, t2 130 wrsel cs, t2 131 132 #CPL = temp_CPL 133 134 135### 136### Get the new stack pointer and stack segment off the old stack if necessary, 137### and piggyback on the logic to check the new RIP value. 138### 139 #IF ((64BIT_MODE) || (temp_CPL!=CPL)) 140 #{ 141 142 #(64BIT_MODE) 143 andi t0, t4, 0xE, flags=(EZF,) 144 # Since we just found out we're in 64 bit mode, take advantage and 145 # do the appropriate RIP checks. 146 br label("doPopStackStuffAndCheckRIP"), flags=(CEZF,) 147 148 # Here, we know we're -not- in 64 bit mode, so we should do the 149 # appropriate/other RIP checks. 
150 # if temp_RIP > CS.limit throw #GP(0) 151 rdlimit t6, cs 152 subi t0, t1, t6, flags=(ECF,) 153 fault "new GeneralProtection(0)", flags=(CECF,) 154 155 #(temp_CPL!=CPL) 156 srli t7, t4, 4 157 xor t7, t7, t5 158 andi t0, t7, 0x3, flags=(EZF,) 159 br label("doPopStackStuff"), flags=(nCEZF,) 160 # We can modify user visible state here because we're know 161 # we're done with things that can fault. 162 addi rsp, rsp, "3 * env.stackSize" 163 br label("fallThroughPopStackStuff") 164 165doPopStackStuffAndCheckRIP: 166 # Check if the RIP is canonical. 167 sra t7, t1, 47, flags=(EZF,), dataSize=ssz 168 # if t7 isn't 0 or -1, it wasn't canonical. 169 br label("doPopStackStuff"), flags=(CEZF,) 170 addi t0, t7, 1, flags=(EZF,), dataSize=ssz 171 fault "new GeneralProtection(0)", flags=(nCEZF,) 172 173doPopStackStuff: 174 # POP.v temp_RSP 175 ld t6, ss, [1, t0, rsp], "3 * env.dataSize", dataSize=ssz 176 # POP.v temp_SS 177 ld t2, ss, [1, t0, rsp], "4 * env.dataSize", dataSize=ssz 178 # SS = READ_DESCRIPTOR (temp_SS, ss_chk) 179 andi t0, t2, 0xFC, flags=(EZF,), dataSize=2 180 br label("processSSDescriptor"), flags=(CEZF,) 181 andi t7, t2, 0xF8, dataSize=8 182 andi t0, t2, 0x4, flags=(EZF,), dataSize=2 183 br label("globalSSDescriptor"), flags=(CEZF,) 184 ld t7, tsl, [1, t0, t7], dataSize=8 185 br label("processSSDescriptor") 186globalSSDescriptor: 187 ld t7, tsg, [1, t0, t7], dataSize=8 188processSSDescriptor: 189 chks t2, t7, dataSize=8 190 191 # This actually updates state which is wrong. It should wait until we know 192 # we're not going to fault. Unfortunately, that's hard to do.