xen-devel
[Xen-devel] Re: [PATCH] [HVM] [x86_emulate] Disallow setting EFLAGS_TF through POPF
Trolle,
This is indeed bogus, since POPF certainly can be used to set TF. I don't
believe that real mode is a special case in this respect.
What it could be is that the instruction that sets TF should not itself
cause a debug exception when it is retired. So, if the end of the #DB
handler is POPF ; IRET, and the POPF is setting EFLAGS.TF, then this would
explain the endless (actually nested) handler execution.
Could test this by changing the EXC_DB injection in x86_emulate.c to check
ctxt->regs->eflags for TF before the line '*ctxt->regs = _regs'. This would
correctly correspond to using the value of EFLAGS.TF before the instruction
was executed.
-- Keir
On 23/5/08 18:12, "Trolle Selander" <trolle.selander@xxxxxxxxxxxxx> wrote:
> This patch fixes the issue with running Freedos with HIMEM.SYS enabled.
>
> The issue turns out to be that it sets the trap flag through a push &
> subsequent popf. This causes x86_emulate to later inject a hw_exception,
> which results in the observed badness with the emulation spinning
> endlessly on the same IRET.
>
> Note that disallowing TF to be set in this way appears not to match the
> described behavior of POPF according to the Intel manuals. It also
> results in POPF ending up always _clearing_ TF, which may not be the
> right thing to do either. However, for what it's worth, it does appear
> to be the way QEMU deals with this code in Freedos/HIMEM.SYS. It might
> be a good idea to take a look at real hardware and see what the behavior
> is there - it wouldn't be the first time that documentation does not
> match reality.
> A different and possibly more correct solution (that matches the
> documentation) would be to not use TF on its own as the trigger for
> inject_hw_exception, if POPF is going to be allowed to set the TF flag
> without a real trap having happened, but for now, this solves the
> Freedos/HIMEM issue in the simplest way possible.
>
> Signed-off-by: Trolle Selander <trolle.selander@xxxxxxxxxxxxx>
> diff -uNr xen-unstable.hg/xen/arch/x86/x86_emulate/x86_emulate.c
> xen-unstable.hg-patched/xen/arch/x86/x86_emulate/x86_emulate.c
> --- xen-unstable.hg/xen/arch/x86/x86_emulate/x86_emulate.c 2008-05-23
> 17:33:51.000000000 +0100
> +++ xen-unstable.hg-patched/xen/arch/x86/x86_emulate/x86_emulate.c 2008-05-23
> 17:41:59.000000000 +0100
> @@ -2465,7 +2465,7 @@
> goto push;
>
> case 0x9d: /* popf */ {
> - uint32_t mask = EFLG_VIP | EFLG_VIF | EFLG_VM;
> + uint32_t mask = EFLG_VIP | EFLG_VIF | EFLG_VM | EFLG_TF;
> if ( !mode_ring0() )
> mask |= EFLG_IOPL;
> if ( !mode_iopl() )
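Review bot: adding EFLG_TF to the POPF preserve mask changes the architectural semantics of POPF for every HVM guest in order to work around one FreeDOS/HIMEM.SYS case, and the patch description itself concedes the result does not match the Intel manuals and leaves POPF unable to ever set TF. The root cause described in the thread is the trap decision, not the flag update: the instruction that sets TF must not itself be followed by #DB. Suggest leaving the mask as `uint32_t mask = EFLG_VIP | EFLG_VIF | EFLG_VM;` and instead gating the EXC_DB injection on the TF value of the pre-instruction EFLAGS (before `*ctxt->regs = _regs`), as proposed in the reply. If the mask change is kept anyway, the line needs a comment stating that it deliberately deviates from documented POPF behaviour and why.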
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
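The three positions in this thread (the pre-patch emulator, the posted mask change, and the suggested pre-instruction TF check) can be compared on a small model of a #DB handler that ends with POPF restoring an EFLAGS image with TF set. The following C is an added illustration, not code from Xen or from either poster; the policy names, the simplified mask (only IF is protected here, standing in for the IOPL/IF/VM handling in x86_emulate.c) and the constructed saved-EFLAGS frame are this example's own assumptions.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Architectural EFLAGS bit positions used by the model. */
#define EFLG_TF (1u << 8)
#define EFLG_IF (1u << 9)
#define EFLG_1  (1u << 1)   /* reserved bit 1, always set */

/* The three approaches discussed in the thread (names are this example's own). */
enum policy {
    POLICY_TRAP_ON_POST_TF,  /* pre-patch behaviour: #DB if TF is set after the instruction */
    POLICY_MASK_TF,          /* the posted patch: POPF may not modify TF at all */
    POLICY_TRAP_ON_PRE_TF    /* suggested fix: #DB only if TF was set before the instruction */
};

struct sim {
    uint32_t eflags;
    int depth;       /* #DB handler nesting depth reached */
    int max_depth;   /* bound so the buggy policy cannot recurse forever */
};

/* POPF as modelled here: bits in 'mask' keep their current value,
   all other bits come from the popped image (plus the always-set bit 1). */
static uint32_t emulate_popf(uint32_t eflags, uint32_t popped, uint32_t mask)
{
    eflags &= mask;
    eflags |= (popped & ~mask) | EFLG_1;
    return eflags;
}

/* Execute one emulated POPF and return whether a #DB should be injected after it. */
static bool exec_popf(struct sim *s, uint32_t popped, enum policy p)
{
    uint32_t mask = EFLG_IF;   /* simplification: the real code derives this from IOPL/ring */
    uint32_t before = s->eflags;

    if (p == POLICY_MASK_TF)
        mask |= EFLG_TF;       /* the patch's change: TF is never taken from the stack */

    s->eflags = emulate_popf(before, popped, mask);

    if (p == POLICY_TRAP_ON_PRE_TF)
        return (before & EFLG_TF) != 0;      /* the setting instruction does not trap itself */
    return (s->eflags & EFLG_TF) != 0;       /* pre-patch: trap as soon as TF is observed set */
}

/* A #DB handler whose tail is POPF (restoring a saved EFLAGS with TF set) then IRET.
   IRET is a no-op for EFLAGS in this model; only the POPF trap decision matters. */
static void run_db_handler(struct sim *s, enum policy p)
{
    /* Constructed frame: the handler restores IF and TF. */
    const uint32_t saved = EFLG_IF | EFLG_TF | EFLG_1;

    if (++s->depth >= s->max_depth)
        return;
    if (exec_popf(s, saved, p))
        run_db_handler(s, p);   /* the POPF itself trapped: handler re-entered (nested) */
    /* iret */
}

/* Handler entered with TF clear (as the CPU clears TF on #DB delivery). */
static struct sim simulate(enum policy p)
{
    struct sim s = { .eflags = EFLG_IF | EFLG_1, .depth = 0, .max_depth = 64 };
    run_db_handler(&s, p);
    return s;
}

/* Nesting depth reached: 1 means the handler ran once and returned. */
static int depth_for(enum policy p) { return simulate(p).depth; }

/* Whether the guest ends up with TF set, i.e. single-stepping actually armed. */
static bool tf_after(enum policy p) { return (simulate(p).eflags & EFLG_TF) != 0; }

int main(void)
{
    const char *names[] = { "trap on post-TF", "mask TF", "trap on pre-TF" };
    for (int p = POLICY_TRAP_ON_POST_TF; p <= POLICY_TRAP_ON_PRE_TF; p++)
        printf("%-16s depth=%2d TF-after=%d\n", names[p],
               depth_for((enum policy)p), tf_after((enum policy)p));
    return 0;
}
```

Only the pre-instruction check gives both properties the guest needs: the handler runs once (no nested re-entry on the POPF) and TF is still set afterwards, so the single step the guest asked for actually happens. Masking TF also stops the recursion, but by silently discarding the guest's request.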