Merge branch 'upstream'
[nativeclient.git] / service_runtime / sel_rt.h
blob5b55ee08b88a280f8f2aa1bd4f90d6d11bfb6883
1 /*
2 * Copyright 2008, Google Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are
7 * met:
8 *
9 * * Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above
12 * copyright notice, this list of conditions and the following disclaimer
13 * in the documentation and/or other materials provided with the
14 * distribution.
15 * * Neither the name of Google Inc. nor the names of its
16 * contributors may be used to endorse or promote products derived from
17 * this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 * NaCl Secure Runtime
36 #ifndef __SEL_RT_H__
37 #define __SEL_RT_H__ 1
39 #include "native_client/include/portability.h"
41 uint16_t NaClGetCs(void);
42 /* setting CS is done using an lcall */
44 uint16_t NaClGetDs(void);
46 void NaClSetDs(uint16_t v);
48 uint16_t NaClGetEs(void);
50 void NaClSetEs(uint16_t v);
52 uint16_t NaClGetFs(void);
54 void NaClSetFs(uint16_t v);
56 uint16_t NaClGetGs(void);
58 void NaClSetGs(uint16_t v);
60 uint16_t NaClGetSs(void);
62 /* not really a segment registers, but ... */
64 uint32_t NaClGetEsp(void);
66 uint32_t NaClGetEbx(void);
69 * On a context switch through the syscall interface, not all
70 * registers are saved. We assume that C calling convention is used,
71 * so %ecx and %edx are caller-saved and the NaCl service runtime do
72 * not have to bother saving them; %eax (or %edx:%eax pair) should
73 * have the return value, so its old value is also not saved. (We
74 * should, however, ensure that there is not an accidental covert
75 * channel leaking information via these registers on syscall return.)
76 * The eflags register is also caller saved.
78 * TODO if/when we do pre-emptive thread switching (to multiplex
79 * user threads on top of kernel threads, for example), we will have
80 * to add the full CPU state back in and figure out how to do a full
81 * context switch completely in ring 3 code.
83 * We assume that the following is packed. This is true for gcc and
84 * msvc for x86, but we will include a check that sizeof(struct
85 * NaClThreadContext) == 9*4 == 36 bytes.
87 struct NaClThreadContext {
88 uint32_t ebx, esi, edi, ebp, esp; /* ecx, edx, eax, eflags not saved */
89 /* 0 4 8 c 10 */
90 uint32_t eip; /* return addr */
91 /* 14 */
92 uint16_t cs, ds, es, fs, gs, ss;
93 /* 18 1a 1c 1e 20 22 */
95 * gs is our TLS base in the app; on the host side it's either fs or gs.
100 * A sanity check -- should be invoked in some early function, e.g.,
101 * main, or something that main invokes early.
103 #define NACL_THREAD_CHECK do { \
104 CHECK(sizeof(struct NaClThreadContext)==36); \
105 } while (0)
107 struct NaClApp; /* fwd */
109 int NaClThreadContextCtor(struct NaClThreadContext *ntcp,
110 uintptr_t eip,
111 uintptr_t esp,
112 uint16_t des_seg,
113 uint16_t gs,
114 uint16_t cs);
116 void NaClThreadContextDtor(struct NaClThreadContext *ntcp);
118 #endif