* [Adeos-main] [PATCH] 2.6.24-x86: fix assembly of IRQ trampolines
@ 2008-01-24  9:16 Jan Kiszka
From: Jan Kiszka @ 2008-01-24  9:16 UTC (permalink / raw)
  To: Philippe Gerum; +Cc: adeos-main

[-- Attachment #1: Type: text/plain, Size: 559 bytes --]

Only fair that this bug bit me - I introduced the regression:

As we are fiddling with the stack pointer in
__ipipe_call_root_*irq_handler, we cannot allow the compiler to fetch
arguments from memory with potentially stack-relative addresses. This
actually happened with Kyle's minimalistic x86-64 .config here, causing
a lockup early during boot. Thus we have to restrict the involved
arguments to registers and avoid C-code after the stack pointer was
modified.

Jan

-- 
Siemens AG, Corporate Technology, CT SE 2
Corporate Competence Center Embedded Linux

[-- Attachment #2: fix-irq-trampoline-assembly.patch --]
[-- Type: text/x-patch, Size: 2150 bytes --]

---
 include/asm-x86/ipipe_32.h |    4 ++--
 include/asm-x86/ipipe_64.h |    9 +++++----
 2 files changed, 7 insertions(+), 6 deletions(-)

Index: b/include/asm-x86/ipipe_32.h
===================================================================
--- a/include/asm-x86/ipipe_32.h
+++ b/include/asm-x86/ipipe_32.h
@@ -82,7 +82,7 @@ static inline void __ipipe_call_root_xir
 			     "jmp ret_from_intr\n\t"
 			     "__xirq_end: cli\n"
 			     : /* no output */
-			     : "a" (~irq), "rm" (handler), "rm" (regs));
+			     : "a" (~irq), "r" (handler), "rm" (regs));
 }
 
 void irq_enter(void);
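Review bot: The `regs` operand of `__ipipe_call_root_xirq_handler` still carries the `"rm"` constraint, so the compiler may still hand the asm an %esp-relative memory reference for it, which is the hazard this change removes for `handler`. The start of the asm statement lies outside the hunk, so whether `%2` is read after the first push cannot be confirmed from here; if it is, the line should read `: "a" (~irq), "r" (handler), "r" (regs));`. The same question applies to `[vector] "rm" (regs->orig_rax)` in the ipipe_64.h xirq hunk, where a value the compiler has spilled to the stack would be addressed relative to %rsp.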
@@ -112,7 +112,7 @@ static inline void __ipipe_call_root_vir
 			     "call *%1\n\t"
 			     "addl $8,%%esp\n"
 			     : /* no output */
-			     : "a" (irq), "rm" (handler), "d" (cookie));
+			     : "a" (irq), "r" (handler), "d" (cookie));
 	irq_exit();
 	__asm__ __volatile__("jmp ret_from_intr\n\t"
 			     "__virq_end: cli\n"
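Review bot: The asm statement that ends in `call *%1` has no clobber list, so the compiler is not told that the called handler may overwrite %ecx, the flags and memory, nor that %eax and %edx no longer hold their input values afterwards. A clobber line such as `: "memory", "cc", "ecx"` after the inputs would state that; the first part of the statement is outside the hunk, so check that none of its operands conflict with it. The 64-bit `__ipipe_call_root_virq_handler` hunk now has the same shape: its new `call *%[handler]` is covered only by `: "rax"`, while the callee may also change %rcx, %rdx, %rsi, %rdi, %r8 to %r11 and memory.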
Index: b/include/asm-x86/ipipe_64.h
===================================================================
--- a/include/asm-x86/ipipe_64.h
+++ b/include/asm-x86/ipipe_64.h
@@ -94,7 +94,7 @@ static inline void __ipipe_call_root_xir
 			     : /* no output */
 			     : [kernel_cs] "i" (__KERNEL_CS),
 			       [vector] "rm" (regs->orig_rax),
-			       [handler] "rm" (handler), "D" (regs)
+			       [handler] "r" (handler), "D" (regs)
 			     : "rax");
 }
 
@@ -105,6 +105,7 @@ static inline void __ipipe_call_root_vir
 						  void (*handler)(unsigned, void *),
 						  void *cookie)
 {
+	irq_enter();
 	__asm__ __volatile__("movq  %%rsp, %%rax\n\t"
 			     "pushq $0\n\t"
 			     "pushq %%rax\n\t"
@@ -122,11 +123,11 @@ static inline void __ipipe_call_root_vir
 			     "movq  %%r9,2*8(%%rsp)\n\t"
 			     "movq  %%r10,1*8(%%rsp)\n\t"
 			     "movq  %%r11,(%%rsp)\n\t"
+			     "call  *%[handler]\n\t"
 			     : /* no output */
-			     : [kernel_cs] "i" (__KERNEL_CS)
+			     : [kernel_cs] "i" (__KERNEL_CS),
+			       [handler] "r" (handler), "D" (irq), "S" (cookie)
 			     : "rax");
-	irq_enter();
-	handler(irq, cookie);
 	irq_exit();
 	__asm__ __volatile__("jmp exit_intr\n\t"
 			     "__virq_end: cli\n"
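Review bot: Nothing in the 64-bit `__ipipe_call_root_virq_handler` records why the handler is now called from inside the asm and why `irq_enter()` moved ahead of it, so a later edit could easily put a C statement back into that window. A comment above the asm would do, for example `/* %rsp is displaced from here on: operands must live in registers, and no C code that may use stack-relative addressing may run before the jmp. */`. `irq_exit()` is still a C call made after the frame was built; it takes no arguments, but the comment should say that this is being relied upon. The function starts and ends outside the hunk.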
