
Leave protected-mode return address on PM stack when issuing a

real_call(), rather than moving it to the RM stack and back again.
This allows the real-mode function to completely destroy the stack
contents, provided that it manages to return to real_call().
tags/v0.9.3
Michael Brown 18 anni fa
parent
commit
a9369bb503
1 ha cambiato i file con 10 aggiunte e 11 eliminazioni
  1. 10
    11
      src/arch/i386/transitions/librm.S

+ 10
- 11
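--- a/src/arch/i386/transitions/librm.S
+++ b/src/arch/i386/transitions/librm.S
@@ -455,28 +455,25 @@ prot_call:
 	.code32
 	.globl real_call
 real_call:
-	/* Create register dump on PM stack */
+	/* Create register dump and function pointer copy on PM stack */
 	pushal
+	pushl	RC_OFFSET_FUNCTION(%esp)
 
-	/* Switch to real mode and move register dump to RM stack */
-	movl	$RC_OFFSET_END, %ecx
+	/* Switch to real mode and move register dump to RM stack  */
+	movl	$( RC_OFFSET_RETADDR + 4 /* function pointer copy */ ), %ecx
 	pushl	$1f
 	jmp	prot_to_real
 	.section ".text16"
 	.code16
 1:
-	/* Construct call to real-mode function */
-	movw	%sp, %bp
-	movw	RC_OFFSET_FUNCTION(%bp), %ax
-	movw	%ax, rc_function
-
 	/* Call real-mode function */
+	popl	rc_function
 	popal
 	call	*rc_function
 	pushal
 
 	/* Switch to protected mode and move register dump back to PM stack */
-	movl	$RC_OFFSET_END, %ecx
+	movl	$RC_OFFSET_RETADDR, %ecx
 	pushl	$1f
 	jmp	real_to_prot
 	.section ".text"
@@ -487,9 +484,11 @@ real_call:
 	ret
 
 
-	/* Function vector, used because */
+	/* Function vector, used because "call xx(%sp)" is not a valid
+	 * 16-bit expression.
+	 */
 	.section ".data16"
-rc_function:	.word 0
+rc_function:	.word 0, 0
 	
 /****************************************************************************
  * Stored real-mode and protected-mode stack pointers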
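Review bot: The comment above `movl $( RC_OFFSET_RETADDR + 4 /* function pointer copy */ ), %ecx` still reads as if only the register dump is moved, although the byte count now also covers the function-pointer copy pushed by `pushl RC_OFFSET_FUNCTION(%esp)`; suggest `/* Switch to real mode and move register dump plus function pointer copy to RM stack */`, which also drops the stray double space before `*/`. Note also that `popl rc_function` stores all 32 bits of the copy while `call *rc_function` under `.code16` is a near call that reads only the low word, so the high word of the widened `.word 0, 0` is padding; a comment on that line such as `/* low word = 16-bit near-call target; high word only absorbs the 32-bit popl */` would document why the slot grew and that any non-zero upper half of the pointer is silently discarded rather than reaching the call. The definitions of RC_OFFSET_FUNCTION and RC_OFFSET_RETADDR lie outside the hunk, so the assumption that RC_OFFSET_FUNCTION is measured from %esp immediately after `pushal` could not be confirmed here.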
