c - Linux 内核中的 task_pt_regs

Question

/*
 * The below -8 is to reserve 8 bytes on top of the ring0 stack.
 * This is necessary to guarantee that the entire "struct pt_regs"
 * is accessible even if the CPU haven't stored the SS/ESP registers
 * on the stack (interrupt gate does not save these registers
 * when switching to the same priv ring).
 * Therefore beware: accessing the ss/esp fields of the
 * "struct pt_regs" is possible, but they may contain the
 * completely wrong values.
 */
#define task_pt_regs(task)                                             \
({                                                                     \
       struct pt_regs *__regs__;                                       \
       __regs__ = (struct pt_regs *)(KSTK_TOP(task_stack_page(task))-8); \
       __regs__ - 1;                                                   \
})

代码是从linux3.4.5/arch/x86/include/asm/processor.h复制过来的，我的问题是:

1. 关于“在 ring0 堆栈顶部保留 8 个字节”，谁能告诉我内核中的相关代码？

2. 如果“CPU 没有存储 SS/ESP 寄存器”，task_pt_regs 怎么才能得到 pt_regs 的正确地址？

   <

Answer 1

1. About "reserve 8 bytes on top of the ring0 stack", could anybody show me the related code in kernel?
   

您在问题中显示的代码为进程保留字节。创建进程时，其内核堆栈由以下调用链设置:

kernel 4.6
do_fork() -->
_do_fork() -->
    copy_process() -->
    copy_thread_tls() -->       arch/x86/kernel/process_64.c
        ... ...
        childregs = task_pt_regs(p);  //p is new process task_struct
                          //childregs point to new process pt_regs.
                          //This is where the new process reserved the space.
             ... ...
        *childregs = *current_pt_regs(); //Copy the pt_regs from parent process.

2. If "CPU haven't stored the SS/ESP register", how can task_pt_regs get the correct address of pt_regs?

保留空间是固定的(在本例中为 8 个字节)，KSTK_TOP 与任务的偏移量是固定的，struct pt_regs 也是固定大小的。所以如果知道任务地址，就可以得到struct pt_regs的地址。