From owner-freebsd-current Thu Nov 13 09:09:38 1997
Return-Path:
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id JAA27471
          for current-outgoing; Thu, 13 Nov 1997 09:09:38 -0800 (PST)
          (envelope-from owner-freebsd-current)
Received: from schenectady.netmonger.net (schenectady.netmonger.net [209.54.21.143])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id JAA27164
          for ; Thu, 13 Nov 1997 09:05:51 -0800 (PST)
          (envelope-from postmaster@schenectady.netmonger.net)
Received: (from news@localhost)
          by schenectady.netmonger.net (8.8.5/8.8.5) id LAA12783
          for freebsd-current@freebsd.org; Thu, 13 Nov 1997 11:35:19 -0500 (EST)
Received: from GATEWAY by schenectady.netmonger.net with netnews
          for freebsd-current@freebsd.org (freebsd-current@freebsd.org)
To: freebsd-current@freebsd.org
Date: 13 Nov 1997 16:35:18 GMT
From: chris@netmonger.net (Christopher Masto)
Message-ID: <64fa86$bbu$1@schenectady.netmonger.net>
Organization: NetMonger Communications
References:
Subject: Re: Intel Pentium Bug: BSDI Releases a patch (fwd)
Sender: owner-freebsd-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In article , Alex wrote:
>
>Hmm. I wonder what they're doing to fix it. I'd hope not disabling the
>internal cache.

Apparently Linux has a workaround (I hate to call it a fix - it sort of
implies that the OS is being fixed, where in reality it's the broken
chip that's being worked around) now.

From: Ingo Molnar
Newsgroups: comp.sys.intel,comp.os.linux.advocacy
Subject: Re: Intel Pentium Bug: BSDI Releases a patch!
Date: 13 Nov 1997 08:45:04 GMT
Organization: Siemens AG Austria
Message-ID: <64eemg$pum@zwei.siemens.at>
References: <64bitf$8cf@sifon.cc.mcgill.ca> <34696B0D.DAD2415C@home.com> <64d1gu$77s@slip.net>

In comp.sys.intel Robert Collins wrote:
: (Stepping out on a big assumption here, below...)
: The #PF handler gets a bit more complex. Now, the CR2 address points to
: the faulting exception handler (if #UD or lower). Oh great, that's just
: great.
: So it's not a difficult fix, but it's not an acceptable work
: around, either. The added complexity is not acceptable under any
: circumstances. NMIs don't take NMIs; #DEs don't take #DEs. That's not
: an acceptable workaround, even if user software can't tell the difference.

Fortunately there is no overhead in RL systems. This is the structure of
Linux's new IDT:

  IDT -->  descriptor 0
           1                       LOW PAGE
           ...
           descriptor 6    <====== illegal opcode
  [ ............. PAGE BOUNDARY ...........................]
           descriptor 7
           descriptor 8            HIGH PAGE
           ...
           descriptor 14   <====== page fault
           ...
           255

'LOW PAGE' is unmapped, 'HIGH PAGE' is mapped. So Linux will see a
'bounced exception' in the page fault handler only if exceptions 0-6
happen ... they are very rare. The BSDI fix seems to cut at exception 13,
which thus includes important exceptions like the lazy-FPU exception.
Linux does not have this overhead.

The above 'added complexity' is executed only after all other page fault
causes are filtered out. This means there is _zero_ added overhead for
normal page-in, COW, nonmapped faults. We detect this special condition
at a point where we'd dump the kernel anyway, because that fault Must Not
Happen under any other circumstance.

thus the _only_ affected code is exceptions 0 to 6, and the cost is
moderate, less than 50 cycles. (ring switching alone costs 85 cycles)

The affected exceptions:

+ do_divide_error, /* 0 - divide overflow */
+ do_debug, /* 1 - debug trap */
+ do_nmi, /* 2 - NMI */
+ do_int3, /* 3 - int 3 */
+ do_overflow, /* 4 - overflow */
+ do_bounds, /* 5 - bound range */
+ do_invalid_op }; /* 6 - invalid opcode */

_all_ other exceptions, interrupts, kernel activities are unaffected.

i hope this info is enough to create fixes for other free OSs within the
next few days.

-- mingo

--
= Christopher Masto = chris@netmonger.net = http://www.netmonger.net/ =
= NetMonger Communications = finger for PGP key = $19.95/mo unlimited access =
= Director of Operations = (516) 221-6664 = mailto:info@netmonger.net =
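
The IDT layout and the page-fault check described in the forwarded post, as an added example that is not part of the original message or of the Linux patch: it places the table so that descriptors 0-6 end on the low page and maps a fault address (CR2) on that page back to its vector. The addresses and the names idt_base_for, bounced_vector and unresolved_fault are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define GATE_SIZE   8u   /* size of one i386 IDT descriptor */
#define LOW_VECTORS 7u   /* descriptors 0..6 sit on the unmapped low page */

/* Names follow the handler list quoted in the post. */
static const char *const low_name[LOW_VECTORS] = {
    "divide overflow", "debug trap", "NMI", "int 3",
    "overflow", "bound range", "invalid opcode"
};

/* Base address that puts descriptor 7 exactly at the start of high_page. */
static uint32_t idt_base_for(uint32_t high_page)
{
    return high_page - LOW_VECTORS * GATE_SIZE;
}

/* Map a page-fault address (CR2) to the bounced vector 0..6, or -1 if the
 * address is not a low-page descriptor. Unsigned subtraction wraps for
 * cr2 < idt_base, so a single compare rejects both sides of the range. */
static int bounced_vector(uint32_t idt_base, uint32_t cr2)
{
    uint32_t off = cr2 - idt_base;
    return off < LOW_VECTORS * GATE_SIZE ? (int)(off / GATE_SIZE) : -1;
}

/* Last step of a page-fault handler, reached only after the ordinary causes
 * (page-in, COW, nonmapped) were ruled out: redirect or report a real bug. */
static const char *unresolved_fault(uint32_t idt_base, uint32_t cr2)
{
    int v = bounced_vector(idt_base, cr2);
    return v >= 0 ? low_name[v] : "kernel oops";
}

int main(void)
{
    uint32_t high = 0xC0201000u;            /* constructed address */
    uint32_t base = idt_base_for(high);
    printf("IDT base %#x, descriptor 14 at %#x\n",
           (unsigned)base, (unsigned)(base + 14 * GATE_SIZE));
    printf("CR2=%#x -> %s\n", (unsigned)(base + 6 * GATE_SIZE),
           unresolved_fault(base, base + 6 * GATE_SIZE));
    return 0;
}
```

Because the range check runs only on the path that would otherwise dump the kernel, the ordinary fault paths never execute it, which is the zero-overhead property the post describes.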