[src/trunk]: src/sys/arch/i386/stand/lib Replace EPIA_HACK code with a versio...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/arch/i386/stand/lib Replace EPIA_HACK code with a versio...
From: dsl <dsl%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 18:09:51 +0000

details:   https://anonhg.NetBSD.org/src/rev/59a2f5c93c2b
branches:  trunk
changeset: 749200:59a2f5c93c2b
user:      dsl <dsl%NetBSD.org@localhost>
date:      Sat Nov 21 11:54:47 2009 +0000

description:
Replace EPIA_HACK code with a version that 'just' trashes any return
address cache.  This seems to be rather more effective!
This seems to be adequate and is more justifyable than the previous hack.

diffstat:

 sys/arch/i386/stand/lib/realprot.S |  53 +++++++++++++++----------------------
 1 files changed, 21 insertions(+), 32 deletions(-)

diffs (90 lines):

diff -r 2bfcd967f4e6 -r 59a2f5c93c2b sys/arch/i386/stand/lib/realprot.S
--- a/sys/arch/i386/stand/lib/realprot.S        Sat Nov 21 11:52:57 2009 +0000
+++ b/sys/arch/i386/stand/lib/realprot.S        Sat Nov 21 11:54:47 2009 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: realprot.S,v 1.8 2009/02/16 22:39:30 jmcneill Exp $    */
+/*     $NetBSD: realprot.S,v 1.9 2009/11/21 11:54:47 dsl Exp $ */
 
 /*-
  * Copyright (c) 2003 The NetBSD Foundation, Inc.
@@ -184,33 +184,31 @@
 /*
  * EPIA_HACK
  *
- * VIA C3 processors don't seem to correctly switch back to executing
- * 16 bit code after the switch to real mode and subsequent jump.
+ * VIA C3 processors (Eden, Samuel 2) don't seem to correctly switch back to
+ * executing 16 bit code after the switch to real mode and subsequent jump.
  *
  * It is speculated that the CPU is prefetching and decoding branch
  * targets and not invalidating this buffer on the long jump.
+ * Further investication indicates that the caching of return addresses
+ * is most likely the problem.
  *
- * The precise reason for this hack working is still unknown, but
- * it was determined experimentally on two theories:
- * 1) Flush the pipeline with NOPs
- * 2) call/ret after the return from prot_to_real seems to improve matters,
- *    perhaps by making more work for the branch prediction/prefetch logic.
+ * Previous versions just used some extra call/ret and a few NOPs, these
+ * only helped a bit, but booting compressed kernels would still fail.
  *
- * Neither of these individually are effective, but this combination is
- * determined experimentally to be sufficient.
+ * Trashing the return address stack (by doing 'call' without matched 'ret')
+ * Seems to fix things completely. 1 iteration isn't enough, 16 is plenty.
  */
 ENTRY(prot_to_real)
-#ifdef EPIA_HACK
-       .code32
-       call prot_to_real_main
-       .code16
-       call epia_nops
-       retl
-
-prot_to_real_main:
-#endif
        .code32
        pushl   %eax
+#ifdef EPIA_HACK
+       push    %ecx
+       push    $0x10
+       pop     %ecx
+1:     call    trash_return_cache
+       loop    1b
+       pop     %ecx
+#endif
 
        /*
         * Load the segment registers while still in protected mode.
@@ -260,10 +258,6 @@
        jne     1f
        pop     %bp
 
-#ifdef EPIA_HACK
-       call epia_nops
-#endif
-
        sti
        popl    %eax
        retl
@@ -283,15 +277,10 @@
        . = . + 16
 
 #ifdef EPIA_HACK
-epia_nops:
-       .code16
-       nop
-       nop
-       nop
-       nop
-       nop
-       nop
-       ret
+trash_return_cache:
+       .code32
+       pop     %eax
+       jmp     *%eax
 #endif
 
 /* vtophys(void *)

Prev by Date: [src/trunk]: src/sys/arch/evbarm/gumstix Fix a bug.
Next by Date: [src/trunk]: src/sys/arch/i386/stand/lib Preserve %ds over bios calls.
Previous by Thread: [src/trunk]: src/sys/arch/evbarm/gumstix Fix a bug.
Next by Thread: [src/trunk]: src/sys/arch/i386/stand/lib Preserve %ds over bios calls.
Indexes:

Home | Main Index | Thread Index | Old Index