From ab640e3a6b7912e5ab68a462de21c535df89bafd Mon Sep 17 00:00:00 2001
From: "kaf24@firebug.cl.cam.ac.uk" <kaf24@firebug.cl.cam.ac.uk>
Date: Wed, 23 Mar 2005 16:16:02 +0000
Subject: [PATCH] bitkeeper revision 1.1236.1.119
 (42419642x9bxSKNyV0KCEA1fUnjaDg)

Fix create_bounce_frame() for both x86/32 and x86/64 (each was broken
in a different way).
Signed-off-by: Keir Fraser <keir@xensource.com>
---
 xen/arch/x86/x86_32/asm-offsets.c |  2 ++
 xen/arch/x86/x86_32/entry.S       | 14 +++-----------
 xen/arch/x86/x86_64/entry.S       |  2 +-
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/xen/arch/x86/x86_32/asm-offsets.c b/xen/arch/x86/x86_32/asm-offsets.c
index e0ba6ca760..ee605b9471 100644
--- a/xen/arch/x86/x86_32/asm-offsets.c
+++ b/xen/arch/x86/x86_32/asm-offsets.c
@@ -47,6 +47,8 @@ void __dummy__(void)
     OFFSET(EDOMAIN_failsafe_addr, struct exec_domain, arch.failsafe_address);
     OFFSET(EDOMAIN_trap_bounce, struct exec_domain, arch.trap_bounce);
     OFFSET(EDOMAIN_thread_flags, struct exec_domain, arch.flags);
+    OFFSET(EDOMAIN_kernel_ss, struct exec_domain, arch.kernel_ss);
+    OFFSET(EDOMAIN_kernel_sp, struct exec_domain, arch.kernel_sp);
     BLANK();
 
     OFFSET(VCPUINFO_upcall_pending, vcpu_info_t, evtchn_upcall_pending);
diff --git a/xen/arch/x86/x86_32/entry.S b/xen/arch/x86/x86_32/entry.S
index b54b89b979..4fb1221fb6 100644
--- a/xen/arch/x86/x86_32/entry.S
+++ b/xen/arch/x86/x86_32/entry.S
@@ -299,23 +299,15 @@ process_softirqs:
                 
 /* CREATE A BASIC EXCEPTION FRAME ON GUEST OS (RING-1) STACK:            */
 /*   {EIP, CS, EFLAGS, [ESP, SS]}                                        */
-/* %edx == trap_bounce, %ebx == task_struct                              */
+/* %edx == trap_bounce, %ebx == struct exec_domain                       */
 /* %eax,%ecx are clobbered. %gs:%esi contain new XREGS_ss/XREGS_esp. */
 create_bounce_frame:
         movl XREGS_eflags+4(%esp),%ecx
         movb XREGS_cs+4(%esp),%cl
         testl $(2|X86_EFLAGS_VM),%ecx
         jz   ring1 /* jump if returning to an existing ring-1 activation */
-        /* obtain ss/esp from TSS -- no current ring-1 activations */
-        movl EDOMAIN_processor(%ebx),%eax
-        /* next 4 lines multiply %eax by 8320, which is sizeof(tss_struct) */
-        movl %eax, %ecx
-        shll $7, %ecx
-        shll $13, %eax
-        addl %ecx,%eax
-        addl $init_tss + 12,%eax
-        movl (%eax),%esi /* tss->esp1 */
-FLT6:   movl 4(%eax),%gs /* tss->ss1  */
+        movl EDOMAIN_kernel_sp(%ebx),%esi
+FLT6:   movl EDOMAIN_kernel_ss(%ebx),%gs
         testl $X86_EFLAGS_VM,XREGS_eflags+4(%esp)
         jz   nvm86_1
         subl $16,%esi       /* push ES/DS/FS/GS (VM86 stack frame) */
diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S
index 16b5850d60..ddac4247b3 100644
--- a/xen/arch/x86/x86_64/entry.S
+++ b/xen/arch/x86/x86_64/entry.S
@@ -165,11 +165,11 @@ create_bounce_frame:
         testb $TF_kernel_mode,EDOMAIN_thread_flags(%rbx)
         jnz   1f
         /* Push new frame at registered guest-OS stack base. */
-        movq  EDOMAIN_kernel_sp(%rbx),%rsi
         pushq %rdx
         movq  %rbx,%rdi
         call  SYMBOL_NAME(toggle_guest_mode)
         popq  %rdx
+        movq  EDOMAIN_kernel_sp(%rbx),%rsi
         jmp   2f
 1:      /* In kernel context already: push new frame at existing %rsp. */
         movq  XREGS_rsp+8(%rsp),%rsi
-- 
2.30.2