Date:      Mon, 11 Apr 2005 11:54:01 -0700
From:      Julian Elischer <julian@elischer.org>
To:        Bill Paul <wpaul@FreeBSD.org>
Cc:        cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/compat/ndis hal_var.h kern_ndis.c        subr_ndis.cMakefile src/sys/dev/if_ndis if_ndis.c
Message-ID:  <425AC7C9.8050801@elischer.org>
In-Reply-To: <200504110202.j3B22Z5k014387@repoman.freebsd.org>
References:  <200504110202.j3B22Z5k014387@repoman.freebsd.org>



Bill Paul wrote:

>wpaul       2005-04-11 02:02:35 UTC
>
>  The twist has to do with the fact that Microsoft supports structured
>  exception handling in kernel mode. On the i386 arch, exception handling
>  is implemented by hanging an exception registration list off the
>  Thread Environment Block (TEB), and the TEB is accessed via the %fs
>  register. The problem is, we use %fs as a pointer to the pcpu structure,
>  which means any driver that tries to write through %fs:0 will overwrite
>  the curthread pointer and make a serious mess of things.
>  
>  To get around this, Project Evil now creates a special entry in
>  the GDT on each processor. When we call into Windows code, a context
>  switch routine will fix up %fs so it points to our new descriptor,
>  which in turn points to a fake TEB. When the Windows code returns,
>  or calls out to an external routine, we swap %fs back again. Currently,
>  Project Evil makes use of GDT slot 7, which is all 0s by default.
>  I fully expect someone to jump up and say I can't do that, but I
>  couldn't find any code that makes use of this entry anywhere. Sadly,
>  this was the only method I could come up with that worked on both
>  UP and SMP. (Modifying the LDT works on UP, but becomes incredibly
>  complicated on SMP.) If necessary, the context switching stuff can
>  be yanked out while preserving the convention calling wrappers.
>  
>
Maybe we could emulate $soft and use %fs as a thread pointer instead and
have pcpu pointed to via that :-)
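The commit message quoted above describes two things: why a Windows driver writing its exception registration list through %fs:0 clobbers curthread (FreeBSD keeps it at offset 0 of the pcpu structure %fs points at), and the workaround of swapping %fs to a GDT entry that maps a fake TEB around every call into Windows code. The following is an added user-space model of both, written for this page and not taken from the Project Evil sources or from anyone in this thread. It replaces the real segment register with a plain pointer (`fs_base`), uses a reduced pcpu and NT_TIB layout (field order mirrors NT_TIB; the byte offsets only match on a 32-bit build), and the handler address and struct names are hypothetical. The descriptor encoder follows the standard x86 32-bit data-segment descriptor format, with the selector for GDT slot 7 computed the usual way (index << 3).

```c
/* Added example: user-space model of the %fs / TEB clash and of the GDT entry
 * used to map a fake TEB. Not kernel code; real GDT loading is not modelled. */
#include <stdint.h>
#include <stdio.h>

/* Reduced per-CPU structure: as on FreeBSD i386, curthread lives at offset 0. */
struct pcpu_model {
    void *pc_curthread;   /* offset 0: what a Windows driver believes is %fs:0 */
    int   pc_cpuid;
};

/* One entry of the Windows i386 SEH registration list. */
struct seh_registration {
    struct seh_registration *prev;   /* previous record; all-ones marks the end */
    void *handler;
};

/* Head of the NT_TIB as Windows i386 code expects it at %fs:0 (field order
 * follows NT_TIB; offsets 0x00 and 0x18 only hold on a 32-bit build). */
struct fake_teb {
    struct seh_registration *except_list;
    void *stack_base;
    void *stack_limit;
    void *subsystem_tib;
    void *fiber_data;
    void *arbitrary_user_ptr;
    struct fake_teb *self;           /* points back at the TIB itself */
};

#define SEH_END ((struct seh_registration *)(uintptr_t)-1)

static void *fs_base;                /* stands in for the %fs segment base */
static struct pcpu_model cpu0;
static struct fake_teb teb0;
static int dummy_thread;             /* stands in for a struct thread */
static void *observed_curthread;     /* what an interrupt would see mid-call */

/* What compiler-generated driver code does on entering a __try block. */
static void windows_push_frame(struct seh_registration *r, void *handler)
{
    struct seh_registration **head = (struct seh_registration **)fs_base;
    r->handler = handler;
    r->prev = *head;
    *head = r;                       /* the write through %fs:0 */
}

static void windows_pop_frame(void)
{
    struct seh_registration **head = (struct seh_registration **)fs_base;
    *head = (*head)->prev;
}

/* Model driver routine: registers a frame, then curthread is sampled while
 * the frame is live (the window in which a real interrupt would misbehave). */
static void windows_driver_routine(void)
{
    struct seh_registration frame;
    windows_push_frame(&frame, (void *)(uintptr_t)0x1234 /* hypothetical handler */);
    observed_curthread = cpu0.pc_curthread;
    windows_pop_frame();
}

/* Wrapper in the spirit of the commit: point %fs at the fake TEB for the
 * duration of the call and restore it afterwards. */
static void call_windows(void (*fn)(void))
{
    void *saved = fs_base;
    fs_base = &teb0;
    fn();
    fs_base = saved;
}

/* Returns 1 if curthread survived the call unchanged, 0 if it was clobbered. */
int demo_without_swap(void)
{
    cpu0.pc_curthread = &dummy_thread;
    fs_base = &cpu0;                 /* %fs still points at pcpu */
    windows_driver_routine();
    return observed_curthread == &dummy_thread;
}

int demo_with_swap(void)
{
    cpu0.pc_curthread = &dummy_thread;
    fs_base = &cpu0;
    teb0.except_list = SEH_END;      /* empty list */
    teb0.self = &teb0;
    call_windows(windows_driver_routine);
    return observed_curthread == &dummy_thread && fs_base == &cpu0 &&
           teb0.except_list == SEH_END;   /* list was unwound in the fake TEB */
}

/* 32-bit data-segment descriptor (read/write, present, byte granularity) for
 * a GDT entry whose base is the fake TEB. */
uint64_t make_data_descriptor(uint32_t base, uint32_t limit, unsigned dpl)
{
    uint64_t d = 0;
    d |= (uint64_t)(limit & 0xffffu);                 /* limit 15:0   */
    d |= (uint64_t)(base & 0xffffffu) << 16;          /* base 23:0    */
    d |= (uint64_t)0x2 << 40;                         /* type: data, writable */
    d |= (uint64_t)1 << 44;                           /* S: code/data segment */
    d |= (uint64_t)(dpl & 3u) << 45;                  /* DPL          */
    d |= (uint64_t)1 << 47;                           /* present      */
    d |= (uint64_t)((limit >> 16) & 0xfu) << 48;      /* limit 19:16  */
    d |= (uint64_t)1 << 54;                           /* D/B: 32-bit  */
    d |= (uint64_t)((base >> 24) & 0xffu) << 56;      /* base 31:24   */
    return d;
}

uint32_t descriptor_base(uint64_t d)
{
    return (uint32_t)((d >> 16) & 0xffffffu) | (uint32_t)((d >> 56) & 0xffu) << 24;
}

uint32_t descriptor_limit(uint64_t d)
{
    return (uint32_t)(d & 0xffffu) | (uint32_t)((d >> 48) & 0xfu) << 16;
}

/* Selector loaded into %fs for a GDT slot: index << 3, TI = 0 (GDT), RPL. */
uint16_t gdt_selector(unsigned index, unsigned rpl)
{
    return (uint16_t)((index << 3) | (rpl & 3u));
}

int main(void)
{
    uint64_t d = make_data_descriptor(0xc0123456u, sizeof(struct fake_teb) - 1, 0);
    printf("without swap: curthread intact = %d\n", demo_without_swap());
    printf("with swap:    curthread intact = %d\n", demo_with_swap());
    printf("descriptor %016llx base %08x limit %x selector %#x\n",
           (unsigned long long)d, descriptor_base(d), descriptor_limit(d),
           gdt_selector(7, 0));
    return 0;
}
```

Without the wrapper the frame push lands on `pc_curthread`, so anything that samples curthread while the driver is inside its `__try` block sees a pointer to a stack-allocated registration record; with the wrapper the list is built in the fake TEB and pcpu is untouched. The descriptor helper is the part a kernel would actually install into the spare GDT slot, one copy per CPU, with the slot's base set to that CPU's fake TEB.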


