Wrong EFLAGS are restored when kernel is switching back to user mode #9
Comments
|
Hi, Once I can confirm if your mistaken or if this is a bug I can take further action |
|
Let's start with proof-of-concept code for userspace program (roginvs/udemy_kernel@a384f97). I will add some comments there: When timer interruption occurs then CPU saves registers in the kernel stack. When kernel is ready to return control back to this program then we need to restore exact the same state as it was before. In the code below we still running in the kernel mode and EFLAGS have flags which are valid for kernel code. At this point ZF might be not set, it fully depends of the kernel and what we compared few instructions before in the kernel mode. In this section we set push EFLAGS from kernel mode and ZF might be zero. Proof-of-concept really shows this bug. If you run this user program then you will see that at some point it will break from infinite loop which is obviously not the expected behaviour. |
|
Woopsie I see what you mean now. Quite right, because here we push the flags as they are at kernel land at that point in time, meaning the flags might not be the same when returning to the user process if theirs a task switch. Thats what your getting at right |
When we call
task_returnfunction we for some reason push FLAGS which are from kernel code but not from the userspace code. This causes userspace code to have wrong FLAGS after context switching.Here is a simple proof-of-concept for user space program
blank.c(roginvs/udemy_kernel@a384f97):This looks like infinite loop. But when timer interrupt occurs and control is transferred back to userspace code then EFLAGS have ZF=0 and it causes this loop to break.
A solution is here https://github.com/nibblebits/PeachOS/pull/6/files - we have to push to stack EFLAGS the same way as other registers and also we have to provide initialization value for EFLAGS for userspace code.
The text was updated successfully, but these errors were encountered: