From: Paolo Bonzini
Date: Wed, 21 May 2014 16:18:22 +0200
Message-ID: <537CB5AE.1080203@redhat.com>
In-Reply-To: <20140521140538.GA8069@morn.localdomain>
Subject: Re: [Qemu-devel] [PATCH 3/3] target-i386: get CPL from SS.DPL
To: Kevin O'Connor
Cc: qemu-devel@nongnu.org

On 21/05/2014 16:05, Kevin O'Connor wrote:
> On Wed, May 21, 2014 at 01:13:21PM +0200, Paolo Bonzini wrote:
>> On 20/05/2014 23:54, Kevin O'Connor wrote:
>>> On Fri, May 16, 2014 at 09:59:25PM +0200, Paolo Bonzini wrote:
>>>> CS.RPL is not equal to the CPL in the few instructions between
>>>> setting CR0.PE and reloading CS. We get this right in the common
>>>> case, because writes to CR0 do not modify the CPL, but it would
>>>> not be enough if an SMI comes exactly during that brief period.
>>>> Were this to happen, the RSM instruction would erroneously set
>>>> CPL to the low two bits of the real-mode selector; and if they are
>>>> not 00, the next instruction fetch cannot access the code segment
>>>> and causes a triple fault.
>>>>
>>>> However, SS.DPL *is* always equal to the CPL. In real processors
>>>> (AMD only) there is a weird case of SYSRET setting SS.DPL=SS.RPL
>>>> from the STAR register while forcing CPL=3, but we do not emulate
>>>> that.
>>>
>>> I was in the process of testing something else, when I encountered a
>>> problem with an old MSDOS 6.22 floppy I had. I tracked it down to an
>>> error in one of the commits I did in this series (I sent a fix in a
>>> separate email for it).
>>>
>>> Unfortunately, after I fixed the problem in my patch, your patch above
>>> breaks it again. I think it's another VM86 thing.
>>>
>>> Steps to reproduce:
>>>
>>> 1 - grab the DOS 6.22 floppy from: http://bootdisk.com/bootdisk.htm
>>>
>>> 2 - boot it up and add emm386.exe to config.sys ("edit config.sys" and
>>> add "DEVICE=EMM386.EXE" on the second line of the file).
>>>
>>> 3 - reboot with modified config.sys
>>
>> I cannot reproduce this. I can see the breakage with current master, and I
>> can see your patch fixing it. It keeps working with these changes. Please
>> try branch cpl-queue at git://github.com/bonzini/qemu.git and see if it
>> works for you too.
>
> Apologies - somehow your patch 1 got misapplied to my tree. Testing
> with the tree above works fine.

Should I take this as a Tested-by? :)

Paolo
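The CPL derivation argued in the quoted commit message, as an added C model that is not part of the patch or of QEMU's own code: it contrasts "CPL = CS.RPL" with "CPL = SS.DPL" across the window between setting CR0.PE and reloading CS, with an SMI/RSM landing inside it. The `SegCache`/`Cpu` structs, the `run_window` simulation and the simplified fetch check (`CPL <= CS.DPL`) are assumptions made for this example; only the DPL bit position follows the descriptor format.

```c
#include <stdint.h>

/* Toy segment-register cache: selector plus the cached descriptor's DPL
 * (descriptor high-dword bits 13-14). Assumed layout for this example,
 * not QEMU's CPUX86State. */
#define DESC_DPL_SHIFT 13
#define DESC_DPL_MASK  (3u << DESC_DPL_SHIFT)
#define CR0_PE         1u

typedef struct { uint16_t selector; uint32_t flags; } SegCache;
typedef struct { SegCache cs, ss; uint32_t cr0; int cpl; } Cpu;

static int dpl_of(const SegCache *s) {
    return (int)((s->flags & DESC_DPL_MASK) >> DESC_DPL_SHIFT);
}

/* Old rule: CPL is the RPL field, the low two bits of the CS selector. */
int cpl_from_cs_rpl(const Cpu *c) { return c->cs.selector & 3; }

/* Rule the patch switches to: CPL is the cached SS.DPL. */
int cpl_from_ss_dpl(const Cpu *c) { return dpl_of(&c->ss); }

/* A real-mode segment load caches DPL=0; the selector is a paragraph
 * number, so its low two bits carry no privilege meaning. */
static void real_mode_load(SegCache *s, uint16_t sel) {
    s->selector = sel;
    s->flags = 0;
}

/* Simplified fetch check: a non-conforming code segment cannot be
 * executed when CPL is numerically above CS.DPL. */
int code_fetch_ok(const Cpu *c) { return c->cpl <= dpl_of(&c->cs); }

/* The window from the commit message: real mode, CR0.PE is set (CPL stays
 * 0), an SMI arrives before CS is reloaded, and RSM rebuilds CPL with
 * `derive`. Leaves the resulting CPU state in *c. */
static void run_window(int (*derive)(const Cpu *), uint16_t cs_sel, Cpu *c) {
    *c = (Cpu){0};
    real_mode_load(&c->cs, cs_sel);
    real_mode_load(&c->ss, 0x0000);
    c->cpl = 0;
    c->cr0 |= CR0_PE;      /* mov cr0 with PE set; no far jump yet */
    c->cpl = derive(c);    /* SMI + RSM: CPL recovered from saved state */
}

int cpl_after_rsm(int (*derive)(const Cpu *), uint16_t cs_sel) {
    Cpu c; run_window(derive, cs_sel, &c); return c.cpl;
}

int fetch_ok_after_rsm(int (*derive)(const Cpu *), uint16_t cs_sel) {
    Cpu c; run_window(derive, cs_sel, &c); return code_fetch_ok(&c);
}
```

With a real-mode CS selector whose low bits are nonzero (a constructed value such as 0x0003), the CS.RPL rule yields CPL=3 and the next fetch fails, while the SS.DPL rule yields CPL=0; for a selector like 0xF000 both rules agree, which is why the common case never showed the problem.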