From owner-svn-src-all@FreeBSD.ORG Mon Jun 6 23:03:38 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5A365106564A; Mon, 6 Jun 2011 23:03:38 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 4A5878FC12; Mon, 6 Jun 2011 23:03:38 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p56N3cNk053026; Mon, 6 Jun 2011 23:03:38 GMT (envelope-from jkim@svn.freebsd.org) Received: (from jkim@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p56N3cjs053024; Mon, 6 Jun 2011 23:03:38 GMT (envelope-from jkim@svn.freebsd.org) Message-Id: <201106062303.p56N3cjs053024@svn.freebsd.org> From: Jung-uk Kim Date: Mon, 6 Jun 2011 23:03:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r222795 - head/sys/dev/atkbdc X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 23:03:38 -0000 Author: jkim Date: Mon Jun 6 23:03:37 2011 New Revision: 222795 URL: http://svn.freebsd.org/changeset/base/222795 Log: Validate INT 15h and 16h vectors more strictly. Traditionally these entry points are fixed addresses and (U)EFI CSM specification also mandated that. Unfortunately, (U)EFI CSM specification does not specifically mention this is to call service routine via interrupt vector table or to jump directly to the entry point. As a result, some CSM seems to install two routines and acts differently, depending on how it was executed, unfortunately. When INT 15h is used, it calls a function pointer (which is probably a UEFI service function). When it jumps directly to the entry point, it executes a simple and traditional INT 15h service routine. Therefore, actually there are two possible fixes, i. e., this fix or jumping directly to the fixed entry point. However, we chose this fix because a) keyboard typematic support via BIOS is becoming extremely rarer and b) we cannot support random service routine installed by a firmware or a boot loader. This should fix Lenovo X220 laptop, specifically. Reviewed by: delphij MFC after: 3 days Modified: head/sys/dev/atkbdc/atkbd.c Modified: head/sys/dev/atkbdc/atkbd.c ============================================================================== --- head/sys/dev/atkbdc/atkbd.c Mon Jun 6 22:26:02 2011 (r222794) +++ head/sys/dev/atkbdc/atkbd.c Mon Jun 6 23:03:37 2011 (r222795) @@ -1097,7 +1097,8 @@ get_typematic(keyboard_t *kbd) x86regs_t regs; uint8_t *p; - if (x86bios_get_intr(0x15) == 0 || x86bios_get_intr(0x16) == 0) + if (x86bios_get_intr(0x15) != 0xf000f859 || + x86bios_get_intr(0x16) != 0xf000e82e) return (ENODEV); /* Is BIOS system configuration table supported? */