2005-04-21 16:53:53 +02:00
|
|
|
/* This file contains code for initialization of protected mode, to initialize
|
|
|
|
* code and data segment descriptors, and to initialize global descriptors
|
|
|
|
* for local descriptors in the process table.
|
|
|
|
*/
|
|
|
|
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
#include "../../kernel.h"
|
|
|
|
#include "../../proc.h"
|
|
|
|
#include <archconst.h>
|
|
|
|
|
|
|
|
#include "proto.h"
|
2005-04-21 16:53:53 +02:00
|
|
|
|
|
|
|
#define INT_GATE_TYPE (INT_286_GATE | DESC_386_BIT)
|
|
|
|
#define TSS_TYPE (AVL_286_TSS | DESC_386_BIT)
|
|
|
|
|
|
|
|
struct desctableptr_s {
|
|
|
|
char limit[sizeof(u16_t)];
|
|
|
|
char base[sizeof(u32_t)]; /* really u24_t + pad for 286 */
|
|
|
|
};
|
|
|
|
|
|
|
|
struct gatedesc_s {
|
|
|
|
u16_t offset_low;
|
|
|
|
u16_t selector;
|
|
|
|
u8_t pad; /* |000|XXXXX| ig & trpg, |XXXXXXXX| task g */
|
|
|
|
u8_t p_dpl_type; /* |P|DL|0|TYPE| */
|
|
|
|
u16_t offset_high;
|
|
|
|
};
|
|
|
|
|
|
|
|
PUBLIC struct segdesc_s gdt[GDT_SIZE]; /* used in klib.s and mpx.s */
|
|
|
|
PRIVATE struct gatedesc_s idt[IDT_SIZE]; /* zero-init so none present */
|
|
|
|
PUBLIC struct tss_s tss; /* zero init */
|
|
|
|
|
|
|
|
FORWARD _PROTOTYPE( void sdesc, (struct segdesc_s *segdp, phys_bytes base,
|
|
|
|
vir_bytes size) );
|
|
|
|
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
/*===========================================================================*
|
|
|
|
* enable_iop *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC void enable_iop(struct proc *pp)
|
|
|
|
{
|
|
|
|
/* Allow a user process to use I/O instructions. Change the I/O Permission
|
|
|
|
* Level bits in the psw. These specify least-privileged Current Permission
|
|
|
|
* Level allowed to execute I/O instructions. Users and servers have CPL 3.
|
|
|
|
* You can't have less privilege than that. Kernel has CPL 0, tasks CPL 1.
|
|
|
|
*/
|
|
|
|
pp->p_reg.psw |= 0x3000;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* seg2phys *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC phys_bytes seg2phys(U16_t seg)
|
|
|
|
{
|
|
|
|
/* Return the base address of a segment, with seg being a
|
|
|
|
* register, or a 286/386 segment selector.
|
|
|
|
*/
|
|
|
|
phys_bytes base;
|
|
|
|
struct segdesc_s *segdp;
|
|
|
|
|
|
|
|
segdp = &gdt[seg >> 3];
|
|
|
|
base = ((u32_t) segdp->base_low << 0)
|
|
|
|
| ((u32_t) segdp->base_middle << 16)
|
|
|
|
| ((u32_t) segdp->base_high << 24);
|
|
|
|
return base;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* phys2seg *
|
|
|
|
*===========================================================================*/
|
2010-01-25 19:13:48 +01:00
|
|
|
PRIVATE void phys2seg(u16_t *seg, vir_bytes *off, phys_bytes phys)
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
{
|
|
|
|
/* Return a segment selector and offset that can be used to reach a physical
|
|
|
|
* address, for use by a driver doing memory I/O in the A0000 - DFFFF range.
|
|
|
|
*/
|
|
|
|
*seg = FLAT_DS_SELECTOR;
|
2010-01-25 19:13:48 +01:00
|
|
|
*off = (vir_bytes) phys;
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* init_dataseg *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC void init_dataseg(register struct segdesc_s *segdp,
|
|
|
|
phys_bytes base, vir_bytes size, int privilege)
|
|
|
|
{
|
|
|
|
/* Build descriptor for a data segment. */
|
|
|
|
sdesc(segdp, base, size);
|
|
|
|
segdp->access = (privilege << DPL_SHIFT) | (PRESENT | SEGMENT |
|
|
|
|
WRITEABLE);
|
|
|
|
/* EXECUTABLE = 0, EXPAND_DOWN = 0, ACCESSED = 0 */
|
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* init_codeseg *
|
|
|
|
*===========================================================================*/
|
2010-01-25 19:13:48 +01:00
|
|
|
PRIVATE void init_codeseg(register struct segdesc_s *segdp, phys_bytes base,
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
vir_bytes size, int privilege)
|
|
|
|
{
|
|
|
|
/* Build descriptor for a code segment. */
|
|
|
|
sdesc(segdp, base, size);
|
|
|
|
segdp->access = (privilege << DPL_SHIFT)
|
|
|
|
| (PRESENT | SEGMENT | EXECUTABLE | READABLE);
|
|
|
|
/* CONFORMING = 0, ACCESSED = 0 */
|
|
|
|
}
|
|
|
|
|
2009-08-28 17:55:30 +02:00
|
|
|
PUBLIC struct gate_table_s gate_table_pic[] = {
|
2005-04-21 16:53:53 +02:00
|
|
|
{ hwint00, VECTOR( 0), INTR_PRIVILEGE },
|
|
|
|
{ hwint01, VECTOR( 1), INTR_PRIVILEGE },
|
|
|
|
{ hwint02, VECTOR( 2), INTR_PRIVILEGE },
|
|
|
|
{ hwint03, VECTOR( 3), INTR_PRIVILEGE },
|
|
|
|
{ hwint04, VECTOR( 4), INTR_PRIVILEGE },
|
|
|
|
{ hwint05, VECTOR( 5), INTR_PRIVILEGE },
|
|
|
|
{ hwint06, VECTOR( 6), INTR_PRIVILEGE },
|
|
|
|
{ hwint07, VECTOR( 7), INTR_PRIVILEGE },
|
|
|
|
{ hwint08, VECTOR( 8), INTR_PRIVILEGE },
|
|
|
|
{ hwint09, VECTOR( 9), INTR_PRIVILEGE },
|
|
|
|
{ hwint10, VECTOR(10), INTR_PRIVILEGE },
|
|
|
|
{ hwint11, VECTOR(11), INTR_PRIVILEGE },
|
|
|
|
{ hwint12, VECTOR(12), INTR_PRIVILEGE },
|
|
|
|
{ hwint13, VECTOR(13), INTR_PRIVILEGE },
|
|
|
|
{ hwint14, VECTOR(14), INTR_PRIVILEGE },
|
|
|
|
{ hwint15, VECTOR(15), INTR_PRIVILEGE },
|
2009-08-28 17:55:30 +02:00
|
|
|
{ NULL, 0, 0}
|
|
|
|
};
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* prot_init *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC void prot_init(void)
|
|
|
|
{
|
|
|
|
/* Set up tables for protected mode.
|
|
|
|
* All GDT slots are allocated at compile time.
|
|
|
|
*/
|
|
|
|
struct desctableptr_s *dtp;
|
|
|
|
unsigned ldt_index;
|
|
|
|
register struct proc *rp;
|
2005-04-21 16:53:53 +02:00
|
|
|
|
Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
on every kernel entry (trap, interrupt, exception). the primary
purpose is to reduce the number of required reloads.
Result:
- kernel can only access memory of process that was running when
kernel was entered
- kernel must be mapped into every process page table, so traps to
kernel keep working
Problem:
- kernel must often access memory of arbitrary processes (e.g. send
arbitrary processes messages); this can't happen directly any more;
usually because that process' page table isn't loaded at all, sometimes
because that memory isn't mapped in at all, sometimes because it isn't
mapped in read-write.
So:
- kernel must be able to map in memory of any process, in its own
address space.
Implementation:
- VM and kernel share a range of memory in which addresses of
all page tables of all processes are available. This has two purposes:
. Kernel has to know what data to copy in order to map in a range
. Kernel has to know where to write the data in order to map it in
That last point is because kernel has to write in the currently loaded
page table.
- Processes and kernel are separated through segments; kernel segments
haven't changed.
- The kernel keeps the process whose page table is currently loaded
in 'ptproc.'
- If it wants to map in a range of memory, it writes the value of the
page directory entry for that range into the page directory entry
in the currently loaded map. There is a slot reserved for such
purposes. The kernel can then access this memory directly.
- In order to do this, its segment has been increased (and the
segments of processes start where it ends).
- In the pagefault handler, detect if the kernel is doing
'trappable' memory access (i.e. a pagefault isn't a fatal
error) and if so,
- set the saved instruction pointer to phys_copy_fault,
breaking out of phys_copy
- set the saved eax register to the address of the page
fault, both for sanity checking and for checking in
which of the two ranges that phys_copy was called
with the fault occured
- Some boot-time processes do not have their own page table,
and are mapped in with the kernel, and separated with
segments. The kernel detects this using HASPT. If such a
process has to be scheduled, any page table will work and
no page table switch is done.
Major changes in kernel are
- When accessing user processes memory, kernel no longer
explicitly checks before it does so if that memory is OK.
It simply makes the mapping (if necessary), tries to do the
operation, and traps the pagefault if that memory isn't present;
if that happens, the copy function returns EFAULT.
So all of the CHECKRANGE_OR_SUSPEND macros are gone.
- Kernel no longer has to copy/read and parse page tables.
- A message copying optimisation: when messages are copied, and
the recipient isn't mapped in, they are copied into a buffer
in the kernel. This is done in QueueMess. The next time
the recipient is scheduled, this message is copied into
its memory. This happens in schedcheck().
This eliminates the mapping/copying step for messages, and makes
it easier to deliver messages. This eliminates soft_notify.
- Kernel no longer creates a page table at all, so the vm_setbuf
and pagetable writing in memory.c is gone.
Minor changes in kernel are
- ipc_stats thrown out, wasn't used
- misc flags all renamed to MF_*
- NOREC_* macros to enter and leave functions that should not
be called recursively; just sanity checks really
- code to fully decode segment selectors and descriptors
to print on exceptions
- lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 16:31:52 +02:00
|
|
|
/* Click-round kernel. */
|
|
|
|
if(kinfo.data_base % CLICK_SIZE)
|
|
|
|
minix_panic("kinfo.data_base not aligned", NO_NUM);
|
2010-01-14 16:24:16 +01:00
|
|
|
kinfo.data_size = (phys_bytes) (CLICK_CEIL(kinfo.data_size));
|
2009-11-16 22:41:44 +01:00
|
|
|
|
2005-04-21 16:53:53 +02:00
|
|
|
/* Build gdt and idt pointers in GDT where the BIOS expects them. */
|
|
|
|
dtp= (struct desctableptr_s *) &gdt[GDT_INDEX];
|
|
|
|
* (u16_t *) dtp->limit = (sizeof gdt) - 1;
|
|
|
|
* (u32_t *) dtp->base = vir2phys(gdt);
|
|
|
|
|
|
|
|
dtp= (struct desctableptr_s *) &gdt[IDT_INDEX];
|
|
|
|
* (u16_t *) dtp->limit = (sizeof idt) - 1;
|
|
|
|
* (u32_t *) dtp->base = vir2phys(idt);
|
|
|
|
|
|
|
|
/* Build segment descriptors for tasks and interrupt handlers. */
|
2005-08-29 18:47:18 +02:00
|
|
|
init_codeseg(&gdt[CS_INDEX],
|
|
|
|
kinfo.code_base, kinfo.code_size, INTR_PRIVILEGE);
|
|
|
|
init_dataseg(&gdt[DS_INDEX],
|
|
|
|
kinfo.data_base, kinfo.data_size, INTR_PRIVILEGE);
|
2010-02-09 16:23:31 +01:00
|
|
|
init_dataseg(&gdt[ES_INDEX], 0L, 0, INTR_PRIVILEGE);
|
2005-04-21 16:53:53 +02:00
|
|
|
|
|
|
|
/* Build local descriptors in GDT for LDT's in process table.
|
|
|
|
* The LDT's are allocated at compile time in the process table, and
|
|
|
|
* initialized whenever a process' map is initialized or changed.
|
|
|
|
*/
|
|
|
|
for (rp = BEG_PROC_ADDR, ldt_index = FIRST_LDT_INDEX;
|
|
|
|
rp < END_PROC_ADDR; ++rp, ldt_index++) {
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
init_dataseg(&gdt[ldt_index], vir2phys(rp->p_seg.p_ldt),
|
|
|
|
sizeof(rp->p_seg.p_ldt), INTR_PRIVILEGE);
|
2005-04-21 16:53:53 +02:00
|
|
|
gdt[ldt_index].access = PRESENT | LDT;
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
rp->p_seg.p_ldt_sel = ldt_index * DESC_SIZE;
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
|
|
|
|
2009-11-06 10:08:26 +01:00
|
|
|
/* Build main TSS */
|
2005-04-21 16:53:53 +02:00
|
|
|
tss.ss0 = DS_SELECTOR;
|
|
|
|
init_dataseg(&gdt[TSS_INDEX], vir2phys(&tss), sizeof(tss), INTR_PRIVILEGE);
|
|
|
|
gdt[TSS_INDEX].access = PRESENT | (INTR_PRIVILEGE << DPL_SHIFT) | TSS_TYPE;
|
|
|
|
|
|
|
|
/* Complete building of main TSS. */
|
|
|
|
tss.iobase = sizeof tss; /* empty i/o permissions map */
|
|
|
|
}
|
|
|
|
|
2009-08-28 17:55:30 +02:00
|
|
|
PUBLIC void idt_copy_vectors(struct gate_table_s * first)
|
|
|
|
{
|
|
|
|
struct gate_table_s *gtp;
|
|
|
|
for (gtp = first; gtp->gate; gtp++) {
|
|
|
|
int_gate(gtp->vec_nr, (vir_bytes) gtp->gate,
|
|
|
|
PRESENT | INT_GATE_TYPE |
|
|
|
|
(gtp->privilege << DPL_SHIFT));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Build descriptors for interrupt gates in IDT. */
|
|
|
|
PUBLIC void idt_init(void)
|
|
|
|
{
|
|
|
|
struct gate_table_s gate_table[] = {
|
|
|
|
{ divide_error, DIVIDE_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ single_step_exception, DEBUG_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ nmi, NMI_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ breakpoint_exception, BREAKPOINT_VECTOR, USER_PRIVILEGE },
|
|
|
|
{ overflow, OVERFLOW_VECTOR, USER_PRIVILEGE },
|
|
|
|
{ bounds_check, BOUNDS_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ inval_opcode, INVAL_OP_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ copr_not_available, COPROC_NOT_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ double_fault, DOUBLE_FAULT_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ copr_seg_overrun, COPROC_SEG_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ inval_tss, INVAL_TSS_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ segment_not_present, SEG_NOT_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ stack_exception, STACK_FAULT_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ general_protection, PROTECTION_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ page_fault, PAGE_FAULT_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ copr_error, COPROC_ERR_VECTOR, INTR_PRIVILEGE },
|
2009-12-02 14:01:48 +01:00
|
|
|
{ alignment_check, ALIGNMENT_CHECK_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ machine_check, MACHINE_CHECK_VECTOR, INTR_PRIVILEGE },
|
|
|
|
{ simd_exception, SIMD_EXCEPTION_VECTOR, INTR_PRIVILEGE },
|
2010-02-09 16:20:09 +01:00
|
|
|
{ ipc_entry, IPC_VECTOR, USER_PRIVILEGE },
|
|
|
|
{ kernel_call_entry, KERN_CALL_VECTOR, USER_PRIVILEGE },
|
2009-08-28 17:55:30 +02:00
|
|
|
{ NULL, 0, 0}
|
|
|
|
};
|
|
|
|
|
|
|
|
idt_copy_vectors(gate_table);
|
|
|
|
idt_copy_vectors(gate_table_pic);
|
|
|
|
}
|
2005-04-21 16:53:53 +02:00
|
|
|
|
|
|
|
|
2005-09-11 18:44:06 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* sdesc *
|
|
|
|
*===========================================================================*/
|
2005-04-21 16:53:53 +02:00
|
|
|
PRIVATE void sdesc(segdp, base, size)
|
|
|
|
register struct segdesc_s *segdp;
|
|
|
|
phys_bytes base;
|
|
|
|
vir_bytes size;
|
|
|
|
{
|
|
|
|
/* Fill in the size fields (base, limit and granularity) of a descriptor. */
|
|
|
|
segdp->base_low = base;
|
|
|
|
segdp->base_middle = base >> BASE_MIDDLE_SHIFT;
|
|
|
|
segdp->base_high = base >> BASE_HIGH_SHIFT;
|
|
|
|
|
|
|
|
--size; /* convert to a limit, 0 size means 4G */
|
|
|
|
if (size > BYTE_GRAN_MAX) {
|
|
|
|
segdp->limit_low = size >> PAGE_GRAN_SHIFT;
|
|
|
|
segdp->granularity = GRANULAR | (size >>
|
|
|
|
(PAGE_GRAN_SHIFT + GRANULARITY_SHIFT));
|
|
|
|
} else {
|
|
|
|
segdp->limit_low = size;
|
|
|
|
segdp->granularity = size >> GRANULARITY_SHIFT;
|
|
|
|
}
|
|
|
|
segdp->granularity |= DEFAULT; /* means BIG for data seg */
|
|
|
|
}
|
|
|
|
|
2005-09-11 18:44:06 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* int_gate *
|
|
|
|
*===========================================================================*/
|
2009-11-16 22:41:44 +01:00
|
|
|
PUBLIC void int_gate(vec_nr, offset, dpl_type)
|
2005-04-21 16:53:53 +02:00
|
|
|
unsigned vec_nr;
|
|
|
|
vir_bytes offset;
|
|
|
|
unsigned dpl_type;
|
|
|
|
{
|
|
|
|
/* Build descriptor for an interrupt gate. */
|
|
|
|
register struct gatedesc_s *idp;
|
|
|
|
|
|
|
|
idp = &idt[vec_nr];
|
|
|
|
idp->offset_low = offset;
|
|
|
|
idp->selector = CS_SELECTOR;
|
|
|
|
idp->p_dpl_type = dpl_type;
|
|
|
|
idp->offset_high = offset >> OFFSET_HIGH_SHIFT;
|
|
|
|
}
|
2005-04-29 17:36:43 +02:00
|
|
|
|
2005-09-11 18:44:06 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* alloc_segments *
|
|
|
|
*===========================================================================*/
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
PUBLIC void alloc_segments(register struct proc *rp)
|
2005-04-29 17:36:43 +02:00
|
|
|
{
|
|
|
|
/* This is called at system initialization from main() and by do_newmap().
|
|
|
|
* The code has a separate function because of all hardware-dependencies.
|
|
|
|
*/
|
|
|
|
phys_bytes code_bytes;
|
|
|
|
phys_bytes data_bytes;
|
|
|
|
int privilege;
|
|
|
|
|
|
|
|
data_bytes = (phys_bytes) (rp->p_memmap[S].mem_vir +
|
|
|
|
rp->p_memmap[S].mem_len) << CLICK_SHIFT;
|
|
|
|
if (rp->p_memmap[T].mem_len == 0)
|
|
|
|
code_bytes = data_bytes; /* common I&D, poor protect */
|
|
|
|
else
|
|
|
|
code_bytes = (phys_bytes) rp->p_memmap[T].mem_len << CLICK_SHIFT;
|
2010-02-09 16:23:31 +01:00
|
|
|
privilege = USER_PRIVILEGE;
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
init_codeseg(&rp->p_seg.p_ldt[CS_LDT_INDEX],
|
2005-04-29 17:36:43 +02:00
|
|
|
(phys_bytes) rp->p_memmap[T].mem_phys << CLICK_SHIFT,
|
|
|
|
code_bytes, privilege);
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
init_dataseg(&rp->p_seg.p_ldt[DS_LDT_INDEX],
|
2005-04-29 17:36:43 +02:00
|
|
|
(phys_bytes) rp->p_memmap[D].mem_phys << CLICK_SHIFT,
|
|
|
|
data_bytes, privilege);
|
|
|
|
rp->p_reg.cs = (CS_LDT_INDEX * DESC_SIZE) | TI | privilege;
|
|
|
|
rp->p_reg.gs =
|
|
|
|
rp->p_reg.fs =
|
|
|
|
rp->p_reg.ss =
|
|
|
|
rp->p_reg.es =
|
|
|
|
rp->p_reg.ds = (DS_LDT_INDEX*DESC_SIZE) | TI | privilege;
|
|
|
|
}
|
|
|
|
|
2009-09-25 13:12:06 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* check_segments *
|
|
|
|
*===========================================================================*/
|
2010-01-25 19:13:48 +01:00
|
|
|
PRIVATE void check_segments(char *File, int line)
|
2009-09-25 13:12:06 +02:00
|
|
|
{
|
|
|
|
int checked = 0;
|
|
|
|
int fail = 0;
|
|
|
|
struct proc *rp;
|
|
|
|
for (rp = BEG_PROC_ADDR; rp < END_PROC_ADDR; ++rp) {
|
|
|
|
|
|
|
|
int privilege;
|
|
|
|
int cs, ds;
|
|
|
|
|
2009-11-12 09:35:26 +01:00
|
|
|
if (isemptyp(rp))
|
2009-09-25 13:12:06 +02:00
|
|
|
continue;
|
|
|
|
|
|
|
|
privilege = USER_PRIVILEGE;
|
|
|
|
|
|
|
|
cs = (CS_LDT_INDEX*DESC_SIZE) | TI | privilege;
|
|
|
|
ds = (DS_LDT_INDEX*DESC_SIZE) | TI | privilege;
|
|
|
|
|
|
|
|
#define CHECK(s1, s2) if(s1 != s2) { \
|
|
|
|
printf("%s:%d: " #s1 " != " #s2 " for ep %d\n", \
|
|
|
|
File, line, rp->p_endpoint); fail++; } checked++;
|
|
|
|
|
|
|
|
CHECK(rp->p_reg.cs, cs);
|
|
|
|
CHECK(rp->p_reg.gs, ds);
|
|
|
|
CHECK(rp->p_reg.fs, ds);
|
|
|
|
CHECK(rp->p_reg.ss, ds);
|
|
|
|
if(rp->p_endpoint != -2) {
|
|
|
|
CHECK(rp->p_reg.es, ds);
|
|
|
|
}
|
|
|
|
CHECK(rp->p_reg.ds, ds);
|
|
|
|
}
|
|
|
|
if(fail) {
|
|
|
|
printf("%d/%d checks failed\n", fail, checked);
|
|
|
|
minix_panic("wrong", fail);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
on every kernel entry (trap, interrupt, exception). the primary
purpose is to reduce the number of required reloads.
Result:
- kernel can only access memory of process that was running when
kernel was entered
- kernel must be mapped into every process page table, so traps to
kernel keep working
Problem:
- kernel must often access memory of arbitrary processes (e.g. send
arbitrary processes messages); this can't happen directly any more;
usually because that process' page table isn't loaded at all, sometimes
because that memory isn't mapped in at all, sometimes because it isn't
mapped in read-write.
So:
- kernel must be able to map in memory of any process, in its own
address space.
Implementation:
- VM and kernel share a range of memory in which addresses of
all page tables of all processes are available. This has two purposes:
. Kernel has to know what data to copy in order to map in a range
. Kernel has to know where to write the data in order to map it in
That last point is because kernel has to write in the currently loaded
page table.
- Processes and kernel are separated through segments; kernel segments
haven't changed.
- The kernel keeps the process whose page table is currently loaded
in 'ptproc.'
- If it wants to map in a range of memory, it writes the value of the
page directory entry for that range into the page directory entry
in the currently loaded map. There is a slot reserved for such
purposes. The kernel can then access this memory directly.
- In order to do this, its segment has been increased (and the
segments of processes start where it ends).
- In the pagefault handler, detect if the kernel is doing
'trappable' memory access (i.e. a pagefault isn't a fatal
error) and if so,
- set the saved instruction pointer to phys_copy_fault,
breaking out of phys_copy
- set the saved eax register to the address of the page
fault, both for sanity checking and for checking in
which of the two ranges that phys_copy was called
with the fault occured
- Some boot-time processes do not have their own page table,
and are mapped in with the kernel, and separated with
segments. The kernel detects this using HASPT. If such a
process has to be scheduled, any page table will work and
no page table switch is done.
Major changes in kernel are
- When accessing user processes memory, kernel no longer
explicitly checks before it does so if that memory is OK.
It simply makes the mapping (if necessary), tries to do the
operation, and traps the pagefault if that memory isn't present;
if that happens, the copy function returns EFAULT.
So all of the CHECKRANGE_OR_SUSPEND macros are gone.
- Kernel no longer has to copy/read and parse page tables.
- A message copying optimisation: when messages are copied, and
the recipient isn't mapped in, they are copied into a buffer
in the kernel. This is done in QueueMess. The next time
the recipient is scheduled, this message is copied into
its memory. This happens in schedcheck().
This eliminates the mapping/copying step for messages, and makes
it easier to deliver messages. This eliminates soft_notify.
- Kernel no longer creates a page table at all, so the vm_setbuf
and pagetable writing in memory.c is gone.
Minor changes in kernel are
- ipc_stats thrown out, wasn't used
- misc flags all renamed to MF_*
- NOREC_* macros to enter and leave functions that should not
be called recursively; just sanity checks really
- code to fully decode segment selectors and descriptors
to print on exceptions
- lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 16:31:52 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* printseg *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC void printseg(char *banner, int iscs, struct proc *pr, u32_t selector)
|
|
|
|
{
|
|
|
|
u32_t base, limit, index, dpl;
|
|
|
|
struct segdesc_s *desc;
|
|
|
|
|
|
|
|
if(banner) { kprintf("%s", banner); }
|
|
|
|
|
|
|
|
index = selector >> 3;
|
|
|
|
|
|
|
|
kprintf("RPL %d, ind %d of ",
|
|
|
|
(selector & RPL_MASK), index);
|
|
|
|
|
|
|
|
if(selector & TI) {
|
|
|
|
kprintf("LDT");
|
2010-01-20 18:55:14 +01:00
|
|
|
if(index >= LDT_SIZE) {
|
Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
on every kernel entry (trap, interrupt, exception). the primary
purpose is to reduce the number of required reloads.
Result:
- kernel can only access memory of process that was running when
kernel was entered
- kernel must be mapped into every process page table, so traps to
kernel keep working
Problem:
- kernel must often access memory of arbitrary processes (e.g. send
arbitrary processes messages); this can't happen directly any more;
usually because that process' page table isn't loaded at all, sometimes
because that memory isn't mapped in at all, sometimes because it isn't
mapped in read-write.
So:
- kernel must be able to map in memory of any process, in its own
address space.
Implementation:
- VM and kernel share a range of memory in which addresses of
all page tables of all processes are available. This has two purposes:
. Kernel has to know what data to copy in order to map in a range
. Kernel has to know where to write the data in order to map it in
That last point is because kernel has to write in the currently loaded
page table.
- Processes and kernel are separated through segments; kernel segments
haven't changed.
- The kernel keeps the process whose page table is currently loaded
in 'ptproc.'
- If it wants to map in a range of memory, it writes the value of the
page directory entry for that range into the page directory entry
in the currently loaded map. There is a slot reserved for such
purposes. The kernel can then access this memory directly.
- In order to do this, its segment has been increased (and the
segments of processes start where it ends).
- In the pagefault handler, detect if the kernel is doing
'trappable' memory access (i.e. a pagefault isn't a fatal
error) and if so,
- set the saved instruction pointer to phys_copy_fault,
breaking out of phys_copy
- set the saved eax register to the address of the page
fault, both for sanity checking and for checking in
which of the two ranges that phys_copy was called
with the fault occured
- Some boot-time processes do not have their own page table,
and are mapped in with the kernel, and separated with
segments. The kernel detects this using HASPT. If such a
process has to be scheduled, any page table will work and
no page table switch is done.
Major changes in kernel are
- When accessing user processes memory, kernel no longer
explicitly checks before it does so if that memory is OK.
It simply makes the mapping (if necessary), tries to do the
operation, and traps the pagefault if that memory isn't present;
if that happens, the copy function returns EFAULT.
So all of the CHECKRANGE_OR_SUSPEND macros are gone.
- Kernel no longer has to copy/read and parse page tables.
- A message copying optimisation: when messages are copied, and
the recipient isn't mapped in, they are copied into a buffer
in the kernel. This is done in QueueMess. The next time
the recipient is scheduled, this message is copied into
its memory. This happens in schedcheck().
This eliminates the mapping/copying step for messages, and makes
it easier to deliver messages. This eliminates soft_notify.
- Kernel no longer creates a page table at all, so the vm_setbuf
and pagetable writing in memory.c is gone.
Minor changes in kernel are
- ipc_stats thrown out, wasn't used
- misc flags all renamed to MF_*
- NOREC_* macros to enter and leave functions that should not
be called recursively; just sanity checks really
- code to fully decode segment selectors and descriptors
to print on exceptions
- lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 16:31:52 +02:00
|
|
|
kprintf("invalid index in ldt\n");
|
|
|
|
return;
|
|
|
|
}
|
2009-10-03 14:17:46 +02:00
|
|
|
if(!pr) {
|
|
|
|
kprintf("local selector but unknown process\n");
|
|
|
|
return;
|
|
|
|
}
|
Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
on every kernel entry (trap, interrupt, exception). the primary
purpose is to reduce the number of required reloads.
Result:
- kernel can only access memory of process that was running when
kernel was entered
- kernel must be mapped into every process page table, so traps to
kernel keep working
Problem:
- kernel must often access memory of arbitrary processes (e.g. send
arbitrary processes messages); this can't happen directly any more;
usually because that process' page table isn't loaded at all, sometimes
because that memory isn't mapped in at all, sometimes because it isn't
mapped in read-write.
So:
- kernel must be able to map in memory of any process, in its own
address space.
Implementation:
- VM and kernel share a range of memory in which addresses of
all page tables of all processes are available. This has two purposes:
. Kernel has to know what data to copy in order to map in a range
. Kernel has to know where to write the data in order to map it in
That last point is because kernel has to write in the currently loaded
page table.
- Processes and kernel are separated through segments; kernel segments
haven't changed.
- The kernel keeps the process whose page table is currently loaded
in 'ptproc.'
- If it wants to map in a range of memory, it writes the value of the
page directory entry for that range into the page directory entry
in the currently loaded map. There is a slot reserved for such
purposes. The kernel can then access this memory directly.
- In order to do this, its segment has been increased (and the
segments of processes start where it ends).
- In the pagefault handler, detect if the kernel is doing
'trappable' memory access (i.e. a pagefault isn't a fatal
error) and if so,
- set the saved instruction pointer to phys_copy_fault,
breaking out of phys_copy
- set the saved eax register to the address of the page
fault, both for sanity checking and for checking in
which of the two ranges that phys_copy was called
with the fault occured
- Some boot-time processes do not have their own page table,
and are mapped in with the kernel, and separated with
segments. The kernel detects this using HASPT. If such a
process has to be scheduled, any page table will work and
no page table switch is done.
Major changes in kernel are
- When accessing user processes memory, kernel no longer
explicitly checks before it does so if that memory is OK.
It simply makes the mapping (if necessary), tries to do the
operation, and traps the pagefault if that memory isn't present;
if that happens, the copy function returns EFAULT.
So all of the CHECKRANGE_OR_SUSPEND macros are gone.
- Kernel no longer has to copy/read and parse page tables.
- A message copying optimisation: when messages are copied, and
the recipient isn't mapped in, they are copied into a buffer
in the kernel. This is done in QueueMess. The next time
the recipient is scheduled, this message is copied into
its memory. This happens in schedcheck().
This eliminates the mapping/copying step for messages, and makes
it easier to deliver messages. This eliminates soft_notify.
- Kernel no longer creates a page table at all, so the vm_setbuf
and pagetable writing in memory.c is gone.
Minor changes in kernel are
- ipc_stats thrown out, wasn't used
- misc flags all renamed to MF_*
- NOREC_* macros to enter and leave functions that should not
be called recursively; just sanity checks really
- code to fully decode segment selectors and descriptors
to print on exceptions
- lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 16:31:52 +02:00
|
|
|
desc = &pr->p_seg.p_ldt[index];
|
|
|
|
} else {
|
|
|
|
kprintf("GDT");
|
2010-01-20 18:55:14 +01:00
|
|
|
if(index >= GDT_SIZE) {
|
Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
on every kernel entry (trap, interrupt, exception). the primary
purpose is to reduce the number of required reloads.
Result:
- kernel can only access memory of process that was running when
kernel was entered
- kernel must be mapped into every process page table, so traps to
kernel keep working
Problem:
- kernel must often access memory of arbitrary processes (e.g. send
arbitrary processes messages); this can't happen directly any more;
usually because that process' page table isn't loaded at all, sometimes
because that memory isn't mapped in at all, sometimes because it isn't
mapped in read-write.
So:
- kernel must be able to map in memory of any process, in its own
address space.
Implementation:
- VM and kernel share a range of memory in which addresses of
all page tables of all processes are available. This has two purposes:
. Kernel has to know what data to copy in order to map in a range
. Kernel has to know where to write the data in order to map it in
That last point is because kernel has to write in the currently loaded
page table.
- Processes and kernel are separated through segments; kernel segments
haven't changed.
- The kernel keeps the process whose page table is currently loaded
in 'ptproc.'
- If it wants to map in a range of memory, it writes the value of the
page directory entry for that range into the page directory entry
in the currently loaded map. There is a slot reserved for such
purposes. The kernel can then access this memory directly.
- In order to do this, its segment has been increased (and the
segments of processes start where it ends).
- In the pagefault handler, detect if the kernel is doing
'trappable' memory access (i.e. a pagefault isn't a fatal
error) and if so,
- set the saved instruction pointer to phys_copy_fault,
breaking out of phys_copy
- set the saved eax register to the address of the page
fault, both for sanity checking and for checking in
which of the two ranges that phys_copy was called
with the fault occured
- Some boot-time processes do not have their own page table,
and are mapped in with the kernel, and separated with
segments. The kernel detects this using HASPT. If such a
process has to be scheduled, any page table will work and
no page table switch is done.
Major changes in kernel are
- When accessing user processes memory, kernel no longer
explicitly checks before it does so if that memory is OK.
It simply makes the mapping (if necessary), tries to do the
operation, and traps the pagefault if that memory isn't present;
if that happens, the copy function returns EFAULT.
So all of the CHECKRANGE_OR_SUSPEND macros are gone.
- Kernel no longer has to copy/read and parse page tables.
- A message copying optimisation: when messages are copied, and
the recipient isn't mapped in, they are copied into a buffer
in the kernel. This is done in QueueMess. The next time
the recipient is scheduled, this message is copied into
its memory. This happens in schedcheck().
This eliminates the mapping/copying step for messages, and makes
it easier to deliver messages. This eliminates soft_notify.
- Kernel no longer creates a page table at all, so the vm_setbuf
and pagetable writing in memory.c is gone.
Minor changes in kernel are
- ipc_stats thrown out, wasn't used
- misc flags all renamed to MF_*
- NOREC_* macros to enter and leave functions that should not
be called recursively; just sanity checks really
- code to fully decode segment selectors and descriptors
to print on exceptions
- lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 16:31:52 +02:00
|
|
|
kprintf("invalid index in gdt\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
desc = &gdt[index];
|
|
|
|
}
|
|
|
|
|
|
|
|
limit = desc->limit_low |
|
|
|
|
(((u32_t) desc->granularity & LIMIT_HIGH) << GRANULARITY_SHIFT);
|
|
|
|
|
|
|
|
if(desc->granularity & GRANULAR) {
|
|
|
|
limit = (limit << PAGE_GRAN_SHIFT) + 0xfff;
|
|
|
|
}
|
|
|
|
|
|
|
|
base = desc->base_low |
|
|
|
|
((u32_t) desc->base_middle << BASE_MIDDLE_SHIFT) |
|
|
|
|
((u32_t) desc->base_high << BASE_HIGH_SHIFT);
|
|
|
|
|
|
|
|
kprintf(" -> base 0x%08lx size 0x%08lx ", base, limit+1);
|
|
|
|
|
|
|
|
if(iscs) {
|
|
|
|
if(!(desc->granularity & BIG))
|
|
|
|
kprintf("16bit ");
|
|
|
|
} else {
|
|
|
|
if(!(desc->granularity & BIG))
|
|
|
|
kprintf("not big ");
|
|
|
|
}
|
|
|
|
|
|
|
|
if(desc->granularity & 0x20) { /* reserved */
|
|
|
|
minix_panic("granularity reserved field set", NO_NUM);
|
|
|
|
}
|
|
|
|
|
|
|
|
if(!(desc->access & PRESENT))
|
|
|
|
kprintf("notpresent ");
|
|
|
|
|
|
|
|
if(!(desc->access & SEGMENT))
|
|
|
|
kprintf("system ");
|
|
|
|
|
|
|
|
if(desc->access & EXECUTABLE) {
|
|
|
|
kprintf(" exec ");
|
|
|
|
if(desc->access & CONFORMING) kprintf("conforming ");
|
|
|
|
if(!(desc->access & READABLE)) kprintf("non-readable ");
|
|
|
|
} else {
|
|
|
|
kprintf("nonexec ");
|
|
|
|
if(desc->access & EXPAND_DOWN) kprintf("non-expand-down ");
|
|
|
|
if(!(desc->access & WRITEABLE)) kprintf("non-writable ");
|
|
|
|
}
|
|
|
|
|
|
|
|
if(!(desc->access & ACCESSED)) {
|
|
|
|
kprintf("nonacc ");
|
|
|
|
}
|
|
|
|
|
|
|
|
dpl = ((u32_t) desc->access & DPL) >> DPL_SHIFT;
|
|
|
|
|
|
|
|
kprintf("DPL %d\n", dpl);
|
|
|
|
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* prot_set_kern_seg_limit *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC int prot_set_kern_seg_limit(vir_bytes limit)
|
|
|
|
{
|
|
|
|
struct proc *rp;
|
|
|
|
int orig_click;
|
|
|
|
int incr_clicks;
|
|
|
|
|
|
|
|
if(limit <= kinfo.data_base) {
|
|
|
|
kprintf("prot_set_kern_seg_limit: limit bogus\n");
|
|
|
|
return EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Do actual increase. */
|
|
|
|
orig_click = kinfo.data_size / CLICK_SIZE;
|
|
|
|
kinfo.data_size = limit - kinfo.data_base;
|
|
|
|
incr_clicks = kinfo.data_size / CLICK_SIZE - orig_click;
|
|
|
|
|
|
|
|
prot_init();
|
|
|
|
|
|
|
|
/* Increase kernel processes too. */
|
|
|
|
for (rp = BEG_PROC_ADDR; rp < END_PROC_ADDR; ++rp) {
|
2009-11-12 09:35:26 +01:00
|
|
|
if (isemptyp(rp) || !iskernelp(rp))
|
Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
on every kernel entry (trap, interrupt, exception). the primary
purpose is to reduce the number of required reloads.
Result:
- kernel can only access memory of process that was running when
kernel was entered
- kernel must be mapped into every process page table, so traps to
kernel keep working
Problem:
- kernel must often access memory of arbitrary processes (e.g. send
arbitrary processes messages); this can't happen directly any more;
usually because that process' page table isn't loaded at all, sometimes
because that memory isn't mapped in at all, sometimes because it isn't
mapped in read-write.
So:
- kernel must be able to map in memory of any process, in its own
address space.
Implementation:
- VM and kernel share a range of memory in which addresses of
all page tables of all processes are available. This has two purposes:
. Kernel has to know what data to copy in order to map in a range
. Kernel has to know where to write the data in order to map it in
That last point is because kernel has to write in the currently loaded
page table.
- Processes and kernel are separated through segments; kernel segments
haven't changed.
- The kernel keeps the process whose page table is currently loaded
in 'ptproc.'
- If it wants to map in a range of memory, it writes the value of the
page directory entry for that range into the page directory entry
in the currently loaded map. There is a slot reserved for such
purposes. The kernel can then access this memory directly.
- In order to do this, its segment has been increased (and the
segments of processes start where it ends).
- In the pagefault handler, detect if the kernel is doing
'trappable' memory access (i.e. a pagefault isn't a fatal
error) and if so,
- set the saved instruction pointer to phys_copy_fault,
breaking out of phys_copy
- set the saved eax register to the address of the page
fault, both for sanity checking and for checking in
which of the two ranges that phys_copy was called
with the fault occured
- Some boot-time processes do not have their own page table,
and are mapped in with the kernel, and separated with
segments. The kernel detects this using HASPT. If such a
process has to be scheduled, any page table will work and
no page table switch is done.
Major changes in kernel are
- When accessing user processes memory, kernel no longer
explicitly checks before it does so if that memory is OK.
It simply makes the mapping (if necessary), tries to do the
operation, and traps the pagefault if that memory isn't present;
if that happens, the copy function returns EFAULT.
So all of the CHECKRANGE_OR_SUSPEND macros are gone.
- Kernel no longer has to copy/read and parse page tables.
- A message copying optimisation: when messages are copied, and
the recipient isn't mapped in, they are copied into a buffer
in the kernel. This is done in QueueMess. The next time
the recipient is scheduled, this message is copied into
its memory. This happens in schedcheck().
This eliminates the mapping/copying step for messages, and makes
it easier to deliver messages. This eliminates soft_notify.
- Kernel no longer creates a page table at all, so the vm_setbuf
and pagetable writing in memory.c is gone.
Minor changes in kernel are
- ipc_stats thrown out, wasn't used
- misc flags all renamed to MF_*
- NOREC_* macros to enter and leave functions that should not
be called recursively; just sanity checks really
- code to fully decode segment selectors and descriptors
to print on exceptions
- lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 16:31:52 +02:00
|
|
|
continue;
|
|
|
|
rp->p_memmap[S].mem_len += incr_clicks;
|
|
|
|
alloc_segments(rp);
|
2009-11-16 22:41:44 +01:00
|
|
|
rp->p_memmap[S].mem_len -= incr_clicks;
|
Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
on every kernel entry (trap, interrupt, exception). the primary
purpose is to reduce the number of required reloads.
Result:
- kernel can only access memory of process that was running when
kernel was entered
- kernel must be mapped into every process page table, so traps to
kernel keep working
Problem:
- kernel must often access memory of arbitrary processes (e.g. send
arbitrary processes messages); this can't happen directly any more;
usually because that process' page table isn't loaded at all, sometimes
because that memory isn't mapped in at all, sometimes because it isn't
mapped in read-write.
So:
- kernel must be able to map in memory of any process, in its own
address space.
Implementation:
- VM and kernel share a range of memory in which addresses of
all page tables of all processes are available. This has two purposes:
. Kernel has to know what data to copy in order to map in a range
. Kernel has to know where to write the data in order to map it in
That last point is because kernel has to write in the currently loaded
page table.
- Processes and kernel are separated through segments; kernel segments
haven't changed.
- The kernel keeps the process whose page table is currently loaded
in 'ptproc.'
- If it wants to map in a range of memory, it writes the value of the
page directory entry for that range into the page directory entry
in the currently loaded map. There is a slot reserved for such
purposes. The kernel can then access this memory directly.
- In order to do this, its segment has been increased (and the
segments of processes start where it ends).
- In the pagefault handler, detect if the kernel is doing
'trappable' memory access (i.e. a pagefault isn't a fatal
error) and if so,
- set the saved instruction pointer to phys_copy_fault,
breaking out of phys_copy
- set the saved eax register to the address of the page
fault, both for sanity checking and for checking in
which of the two ranges that phys_copy was called
with the fault occured
- Some boot-time processes do not have their own page table,
and are mapped in with the kernel, and separated with
segments. The kernel detects this using HASPT. If such a
process has to be scheduled, any page table will work and
no page table switch is done.
Major changes in kernel are
- When accessing user processes memory, kernel no longer
explicitly checks before it does so if that memory is OK.
It simply makes the mapping (if necessary), tries to do the
operation, and traps the pagefault if that memory isn't present;
if that happens, the copy function returns EFAULT.
So all of the CHECKRANGE_OR_SUSPEND macros are gone.
- Kernel no longer has to copy/read and parse page tables.
- A message copying optimisation: when messages are copied, and
the recipient isn't mapped in, they are copied into a buffer
in the kernel. This is done in QueueMess. The next time
the recipient is scheduled, this message is copied into
its memory. This happens in schedcheck().
This eliminates the mapping/copying step for messages, and makes
it easier to deliver messages. This eliminates soft_notify.
- Kernel no longer creates a page table at all, so the vm_setbuf
and pagetable writing in memory.c is gone.
Minor changes in kernel are
- ipc_stats thrown out, wasn't used
- misc flags all renamed to MF_*
- NOREC_* macros to enter and leave functions that should not
be called recursively; just sanity checks really
- code to fully decode segment selectors and descriptors
to print on exceptions
- lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 16:31:52 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return OK;
|
|
|
|
}
|