lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <217644.17566.qm@web26902.mail.ukl.yahoo.com>
Date:	Mon, 16 Jul 2007 11:02:01 +0200 (CEST)
From:	Etienne Lorrain <etienne_lorrain@...oo.fr>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Chuck Ebbert <cebbert@...hat.com>, linux-kernel@...r.kernel.org,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: RE : Re: RE : Re: x86 setup code rewrite in C - revised

--- "H. Peter Anvin" <hpa@...or.com> wrote:
> >>>>  - Does not save and restore %ds when printing a char on the screen (%ds is
> >>>>  destroyed only when the content of the screen scroll - only for some video cards)
> >> %ds?  Aren't you confusing it with the old bug which would destroy %bp?
> >>  If you have any references to %ds being destroyed I would be very
> >> surprised.  I can guarantee that very little if any assembly code I've
> >> ever seen that deals with INT 10h -- and I've seen a lot of it -- guards
> >> against %ds being randomly trashed.
> >>
> >> However, the trashing of %bp is a well-known bug (although only for
> >> machines older than the ones that can run Linux) -- the Interrupt List has:
> >>
> >> BUGS:   some implementations (including the original IBM PC) have a bug
> >>  	which destroys BP
> > 
> >  That is on Trident cards, old card but may still be used, and BIOS may have
> > been copied to other cards.
> >  Detected and documented on Gujin (boot.c and vgabios.h scroll)
> 
> Are you talking about BP or DS?  As I said, the BP is well-known, and
> the code accounts for it in the form of the INT10 macro.

 Extract of RBIL61:
INT 10 - VIDEO - SCROLL UP WINDOW
	AH = 06h
	AL = number of lines by which to scroll up (00h = clear entire window)
	BH = attribute used to write blank lines at bottom of window
	CH,CL = row,column of window's upper left corner
	DH,DL = row,column of window's lower right corner
Return: nothing
Note:	affects only the currently active page (see AH=05h)
BUGS:	some implementations (including the original IBM PC) have a bug which
	  destroys BP
	the Trident TVGA8900CL (BIOS dated 1992/9/8) clears DS to 0000h when
	  scrolling in an SVGA mode (800x600 or higher)

 Scrolling is only (and automatically) done if the cursor is at bottom right.

> >>>>  Also, I do not know if "m" is right in here:
> >>>> static inline u8 rdfs8(addr_t addr)
> >>>> {
> >>>> 	u8 v;
> >>>> 	asm("movb %%fs:%1,%0" : "=r" (v) : "m" (*(u8 *)addr));
> >>>> 	return v;
> >>>> }
> >> The "m" is correct right there.
> > 
> >  strange, "g" would mean anything can go there - and this assembly instruction
> > should accept every access modes.
> 
> Not with an %fs: prefix.  It would also allow the compiler to do a move
> into a register "on its own", which would be disastrous, since it would
> lack the prefix.  So "m" is correct.

  "mov %fs:(%ebx,%eax,4),%ecx" works for me.

 Etienne.


      _____________________________________________________________________________ 
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ