looking at do_stack_switch() (x86-32), I see that the switch is effected by moving the new stack pointer into current->arch.kernel_sp. however, entry.S only looks at kernel_sp in create_bounce_frame, but only if we're not returning into ring 1.

how then is the switch caused? obviously the call to do_stack_switch came from ring 1.

confused,
Avi

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
The stack_switch you're looking at is for setting the trap stack.

On 6/9/05, Avi Kivity <avi.kivity@qumranet.com> wrote:
> looking at do_stack_switch() (x86-32), I see that the switch is effected
> by moving the new stack pointer into current->arch.kernel_sp. however,
> entry.S only looks at kernel_sp in create_bounce_frame, but only if
> we're not returning into ring 1.
>
> how then is the switch caused? obviously the call to do_stack_switch
> came from ring 1.
>
> confused,
> Avi
On Thu, 2005-06-09 at 07:44 -0700, Kip Macy wrote:
> The stack_switch you're looking at is for setting the trap stack.

I'm still confused :(

the guest kernel's __switch_to() does

    /* record the next task's ring-1 stack in the TSS and queue the hypercall */
    tss->esp0 = next->esp0;
    mcl->op = __HYPERVISOR_stack_switch;
    mcl->args[0] = tss->ss0;
    mcl->args[1] = tss->esp0;
    mcl++;

eventually calling into xen with that multicall. do_multicall_call() calls, via hypercall_table, do_stack_switch(). there is only one do_stack_switch() (for x86-32) which reads:

    int nr = smp_processor_id();
    struct tss_struct *t = &init_tss[nr];

    /* only a ring-1 selector (RPL == 1) is accepted */
    if ( (ss & 3) != 1 )
        return -EPERM;

    current->arch.kernel_ss = ss;
    current->arch.kernel_sp = esp;
    t->ss1 = ss;
    t->esp1 = esp;

    return 0;

the tss is not consulted on iretd as far as I can tell, and kernel_sp is only loaded in create_bounce_frame. what did I miss?

thanks in advance.

> On 6/9/05, Avi Kivity <avi.kivity@qumranet.com> wrote:
> > looking at do_stack_switch() (x86-32), I see that the switch is effected
> > by moving the new stack pointer into current->arch.kernel_sp. however,
> > entry.S only looks at kernel_sp in create_bounce_frame, but only if
> > we're not returning into ring 1.
> >
> > how then is the switch caused? obviously the call to do_stack_switch
> > came from ring 1.
> >
> > confused,
> > Avi
On 9 Jun 2005, at 16:22, Avi Kivity wrote:
> the tss is not consulted on iretd as far as I can tell, and kernel_sp is
> only loaded in create_bounce_frame. what did I miss?
>
> thanks in advance.

The actual stack switch occurs in do_switch() macro defined in include/asm-xen/asm-i386/system.h.

do_stack_switch() changes the stack that Xen switches to when switching to ring 1 when previously the guest was executing in ring 3.

-- Keir
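To make Keir's point concrete, here is an added C model (example code written for this thread, not Xen's own) of the two pieces discussed: the do_stack_switch() check that records a ring-1 stack without switching to it, and the choice create_bounce_frame makes between the current stack and the registered kernel stack depending on the ring the guest was interrupted in. The struct and function names (model_tss, model_vcpu, model_stack_switch, model_bounce_frame, model_scenario) are hypothetical simplifications, and the selector and stack-pointer values are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the x86-32 Xen pieces discussed in the thread:
   the per-CPU TSS ring-1 stack fields and the per-vcpu kernel stack.
   These are hypothetical simplifications, not Xen's own structures. */
struct model_tss  { uint16_t ss1; uint32_t esp1; };
struct model_vcpu { uint16_t kernel_ss; uint32_t kernel_sp; };

/* Where one delivered event's bounce frame ended up. */
struct model_frame { uint16_t ss; uint32_t esp; };

/* Mirrors the logic of do_stack_switch() quoted in the thread: only a
   ring-1 selector (RPL bits == 1) is accepted, and the call merely records
   the stack; nothing is switched at the time of the hypercall. */
int model_stack_switch(struct model_vcpu *v, struct model_tss *t,
                       unsigned long ss, unsigned long esp)
{
    if ((ss & 3) != 1)
        return -EPERM;
    v->kernel_ss = (uint16_t)ss;
    v->kernel_sp = (uint32_t)esp;
    t->ss1  = (uint16_t)ss;
    t->esp1 = (uint32_t)esp;
    return 0;
}

/* Mirrors the stack choice create_bounce_frame makes when delivering an
   event to the guest kernel: if the interrupted code ran in ring 3, the
   frame goes on the registered kernel stack; if it was already in ring 1,
   the frame is pushed on the stack that was in use. */
struct model_frame model_bounce_frame(const struct model_vcpu *v,
                                      uint16_t cur_ss, uint32_t cur_esp)
{
    struct model_frame f;
    if ((cur_ss & 3) == 3) {
        f.ss  = v->kernel_ss;
        f.esp = v->kernel_sp;
    } else {
        f.ss  = cur_ss;
        f.esp = cur_esp;
    }
    return f;
}

/* Walk through the thread's scenario and return the stack pointer the next
   ring-3 event lands on. Selector values are constructed (RPL in low bits). */
uint32_t model_scenario(void)
{
    struct model_tss tss = { 0, 0 };
    struct model_vcpu vcpu = { 0, 0 };
    const uint16_t ring1_ss = 0x0821;   /* hypothetical ring-1 data selector */
    const uint16_t ring3_ss = 0x0833;   /* hypothetical ring-3 data selector */

    /* Guest kernel (ring 1) registers the next task's stack via the hypercall. */
    if (model_stack_switch(&vcpu, &tss, ring1_ss, 0xc1a00000u) != 0)
        return 0;

    /* An event while the guest is still in ring 1 stays on the current stack. */
    struct model_frame in_kernel = model_bounce_frame(&vcpu, ring1_ss, 0xc0ffee00u);
    if (in_kernel.esp != 0xc0ffee00u)
        return 0;

    /* An event after the guest returned to ring 3 uses the registered stack. */
    struct model_frame from_user = model_bounce_frame(&vcpu, ring3_ss, 0xbfff0000u);
    return from_user.esp;
}

int main(void)
{
    struct model_tss tss = { 0, 0 };
    struct model_vcpu vcpu = { 0, 0 };
    /* A ring-3 selector is rejected, as in the real hypercall. */
    printf("ring-3 ss rejected: %d\n",
           model_stack_switch(&vcpu, &tss, 0x0833, 0x1000) == -EPERM);
    printf("next ring-3 entry lands on esp=%#x\n", (unsigned)model_scenario());
    return 0;
}
```

The model shows why Avi's reading of entry.S was right as far as it went: the hypercall only updates kernel_ss/kernel_sp (and the TSS ring-1 fields), so the new stack is first used when create_bounce_frame delivers an event to a guest that was running in ring 3, exactly the case Keir describes.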
On Thu, 2005-06-09 at 16:32 +0100, Keir Fraser wrote:
> On 9 Jun 2005, at 16:22, Avi Kivity wrote:
>
> > the tss is not consulted on iretd as far as I can tell, and kernel_sp is
> > only loaded in create_bounce_frame. what did I miss?
> >
> > thanks in advance.
>
> The actual stack switch occurs in do_switch() macro defined in
> include/asm-xen/asm-i386/system.h.

switch_to(), I think you mean.

> do_stack_switch() changes the stack that Xen switches to when switching
> to ring 1 when previously the guest was executing in ring 3.

all clear now. thanks!

Avi

> -- Keir