[hppa-linux] Gateway instructions

[Mike Shaver]

Christopher Neufeld wrote:
>    How does this work, now? Is the target of the gateway instruction
> intended to be simply a vector table of other jumps, preceded by some
> non-branch instruction which forms the taget of the gateway?

I suspected so, but was confounded by the same issues you bring up....

OpenBSD has this:
#define SYSCALLGATE     0xC0000000              /* syscall gateway page
*/
but I can't find it used anywhere else in the hppa-specific code, or
indeed the rest of the sys/ tree.

Here's how I think it works:
The GATE completer takes its privilege from the TLB entry for the page
_containing_ the BRANCH-with-GATE (see 4-5 in the PARISC 2.0 book).  So
what we do is have a page (at 0xC0000000, probably) that has
appropriately high privilege level in the TLB, and yet is executable by
the user-space process.  I think that means that the TLB access rights
field is [100,11,11]:
- execute: promote to privilege 0
- minimum privilege 3
- maximum privilege 3 (or do we care?)

The page contains:
???
B,GATE to syscall 0
???
B,GATE to syscall 1
???
B,GATE to syscall 2
etc.

I don't know what goes in ???, but clearly something is required so that
we don't get nailed by PSW[B].  Maybe a NOP, but probably something more
useful is required (set up space and other registers?).  The access ID
for that page should probably be 0, to make it universally accessible.

Questions:
- how many privilege levels do we care about?
- is it sufficient to mark kernel data as [001,00,00] with an access ID
of 0 so that all processes can get at it (when they've become
beprivileged enough!) ?  (With variants for code [100,00,00] and
read-only [000,00,00], of course.)
- what should go in ``???''?  Just something that sets PSW[C]?
- am I totally on crack?

Mike

-- 
345127.74 293957.05