From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner+w=401wt.eu-S933651AbYCABUd@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S933651AbYCABUd (ORCPT <rfc822;w@1wt.eu>);
	Fri, 29 Feb 2008 20:20:33 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S934032AbYCABUF
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Fri, 29 Feb 2008 20:20:05 -0500
Received: from ogre.sisk.pl ([217.79.144.158]:33752 "EHLO ogre.sisk.pl"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S933043AbYCABUE (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Fri, 29 Feb 2008 20:20:04 -0500
From: "Rafael J. Wysocki" <rjw@sisk.pl>
To: "H. Peter Anvin" <hpa@zytor.com>
Subject: Re: Regression in 2.6.25-rc3: s2ram segfaults before suspending
Date: Sat, 1 Mar 2008 02:18:39 +0100
User-Agent: KMail/1.9.6 (enterprise 20070904.708012)
Cc: "Klaus S. Madsen" <ksm@hjernemadsen.org>, Ingo Molnar <mingo@elte.hu>,
       LKML <linux-kernel@vger.kernel.org>, Pavel Machek <pavel@ucw.cz>,
       Thomas Gleixner <tglx@linutronix.de>
References: <20080227221033.GR17932@hjernemadsen.org> <20080229070028.GK17932@hjernemadsen.org> <47C873AA.6040305@zytor.com>
In-Reply-To: <47C873AA.6040305@zytor.com>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200803010218.39930.rjw@sisk.pl>
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Friday, 29 of February 2008, H. Peter Anvin wrote:
> Klaus S. Madsen wrote:
> > open("/dev/mem", O_RDWR)                = 5
> > mmap2(NULL, 1282, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_SHARED|MAP_FIXED, 5, 0) = 0
> > mmap2(0xa0000, 393216, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED, 5, 0xa0) = 0xa0000
>                           ^^^^^^^^^^^^^^^^^^^^
> > close(5)                                = 0
> > ioperm(0, 0x400, 0x1)                   = 0
> > iopl(0x3)                               = 0
> > access("/sys/bus/pci", R_OK)            = 0
> > write(1, "Calling get_mode\n", 17)      = 17
> > vm86(0x1, 0xb7f14ccc, 0xb7f14830, 0xc000, 0x18b6 <unfinished ...>
> > --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> > +++ killed by SIGSEGV (core dumped) +++
> 
> This is the VGA BIOS being mapped, it's mapped PROT_READ|PROT_WRITE, but 
>   no PROT_EXEC; if the kernel is NX-capable it *should* segfault trying 
> to execute out of this area, which is exactly what will happen when vm86 
> executes INT 10h.
> 
> If we can find that mmap() in the s2ram source code and add PROT_EXEC to 
> it, it would be interesting.

This is in radeontool.c, line 91, AFAICS.

Thanks,
Rafael