Subject: Re: More on locore.s optimizations...
To: None <dej@achilles.net>
From: David S. Miller <davem@caip.rutgers.edu>
List: port-sparc
Date: 09/17/1995 10:36:06
   From: dej@achilles.net (David Jones)
   Date: Sun, 17 Sep 1995 10:28:10 -0400 (EDT)

   > Finally, a good way to do SRMMU stack checking is to do no checking at
   > all.  You dump the registers onto the stack (or read them from the
   > stack) no matter what, only that you set the no_fault bit in the mmu
   > control register prior to doing the loads/stores.  something like:
   > 

   Is this safe?  I don't know much about the Sparc, but what stops me from
   pointing my %sp into what would be kernel address space then causing a
   window trap, writing my registers into the kernel?  

   Does the no-fault bit suppress faulted writes?

Basically the routine goes like this:

andcc	%sp, 0x7, %g0		! Is stack aligned?
bne	bogon_user_stack	! nope
sethi	%hi(KERNBASE), %g3	!
cmp	%g3, %sp		! Is stack in kernel vma?
bleu	bogon_user_stack
nop
	/* Clear SRMMU fault status registers. */
	/* Turn on SRMMU no_fault bit. */
SAVE_WINDOW(sp)
	/* Turn off SRMMU no_fault bit. */
	/* Load SFSR into %g3 */
andcc	%g3, 0x2, %g3
bne	we_faulted
nop

b	success
nop

This handles all cases.  We only do the 'cross your fingers and just
do it' store/load of the window after we check its alignment and
whether it happens to be in kernel vma.  It works, I've tested it.
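A C model of that sequence, added here as an illustration and not code from the mail or from any SPARC port: it shows that a %sp pointed into kernel vma is rejected before any store happens, and that with no_fault set an unmapped stack page leaves a mark in the SFSR instead of trapping. The value of KERNBASE, the 4 KB page geometry and the one-page MMU stand-in are assumptions; only the SFSR bit tested with 0x2 comes from the sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#define KERNBASE   0xf0000000u /* assumed; the mail only names the symbol */
#define SFSR_FAV   0x2u        /* the bit the sketch tests with andcc %g3, 0x2 */
#define PAGE_SHIFT 12          /* assumed 4 KB pages */
enum spill_result { SPILL_OK, SPILL_BOGON_USER_STACK, SPILL_FAULTED };

/* Constructed stand-in for the SRMMU: one mapped user page plus the two
 * pieces of state the sketch relies on, the no_fault bit and the SFSR. */
struct mmu {
    uint32_t user_page;   /* only this page is mapped for the user */
    bool     no_fault;
    uint32_t sfsr;
    unsigned traps_taken; /* stores that would have trapped */
};

/* One word of SAVE_WINDOW: with no_fault set, an unmapped page only
 * records the fault in the SFSR; without it, the store would trap. */
static void store_word(struct mmu *m, uint32_t va)
{
    if ((va >> PAGE_SHIFT) == (m->user_page >> PAGE_SHIFT)) return;
    m->sfsr |= SFSR_FAV;
    if (!m->no_fault) m->traps_taken++;
}

/* The sketch from the mail, one C branch per instruction pair. */
enum spill_result spill_window(struct mmu *m, uint32_t sp)
{
    if (sp & 0x7)       /* andcc %sp, 0x7, %g0 ; bne bogon_user_stack */
        return SPILL_BOGON_USER_STACK;
    if (KERNBASE <= sp) /* cmp %g3, %sp ; bleu bogon_user_stack */
        return SPILL_BOGON_USER_STACK;
    m->sfsr = 0;                      /* clear SRMMU fault status */
    m->no_fault = true;               /* turn on no_fault */
    for (unsigned i = 0; i < 16; i++) /* 8 locals + 8 ins, 4 bytes each */
        store_word(m, sp + 4 * i);
    m->no_fault = false;              /* turn off no_fault */
    return (m->sfsr & SFSR_FAV) ? SPILL_FAULTED : SPILL_OK;
}

/* Constructed fixture: user page at 0xef000000, fresh for every call. */
enum spill_result spill_at(uint32_t sp)
{
    struct mmu m = { 0xef000000u, false, 0, 0 };
    return spill_window(&m, sp);
}
unsigned traps_at(uint32_t sp)
{
    struct mmu m = { 0xef000000u, false, 0, 0 };
    spill_window(&m, sp);
    return m.traps_taken;
}
```

A window that starts on the mapped page but runs past its end (sp = 0xef000fe0) is reported as faulted by the SFSR check, which is the case a plain "is the page mapped" test on %sp alone would miss.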

Later,
David S. Miller
davem@caip.rutgers.edu