From f5afbdb287dd18ac0f0962891d6df977c4cba0b9 Mon Sep 17 00:00:00 2001
From: Ian Moffett
Date: Fri, 17 Apr 2026 10:59:19 -0400
Subject: [PATCH] sp1/amd64+knot: Add kernel knot() function
Signed-off-by: Ian Moffett
---
usr/src/sp1/amd64/os/knot_thunk.S | 49 +++++++++++++++++++++++++++++++
usr/src/sp1/common/os/knot.c | 39 ++++++++++++++++++++++++
usr/src/sp1/head/os/knot.h | 37 +++++++++++++++++++++++
3 files changed, 125 insertions(+)
create mode 100644 usr/src/sp1/amd64/os/knot_thunk.S
create mode 100644 usr/src/sp1/common/os/knot.c
create mode 100644 usr/src/sp1/head/os/knot.h
diff --git a/usr/src/sp1/amd64/os/knot_thunk.S b/usr/src/sp1/amd64/os/knot_thunk.S
new file mode 100644
index 0000000..772c08a
--- /dev/null
+++ b/usr/src/sp1/amd64/os/knot_thunk.S
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2026, Mirocom Laboratories
+ * All rights reserved.
+ *
+ * The following sources are CONFIDENTIAL and PROPRIETARY
+ * property of Mirocom Laboratories. Unauthorized copying,
+ * use, distribution or modification of this file, in whole
+ * and in part, is strictly prohibited without the prior written
+ * consent from Mirocom Laboratories.
+ */
+
+ .text
+ .globl knot
+knot:
+ cli // Ensure interrupts are disabled
+ cld // Ensure the direction flag is clear
+
+ //
+ // On a multi-processor system we really want to ensure that
+ // only the current processor core gets to fuck and knot the
+ // kernel. Atomically acquire the MP lock to lockout other cores
+ // out.
+ //
+ mov $1, %rax // Obtain lock
+ xchg %rax, __mp_lock // Swap it atomically
+ or %rax, %rax // Are we another processor?
+ jnz .lockout // Yes, enter lockout
+
+ //
+ // Cumdrunk kernels cannot be trusted, we must update the stack
+ // to a known address to avoid clobbering memory we don't wanna
+ // touch. We also want to ensure that any partial memory transactions
+ // that have not 100% finished to be finished before we enter the main
+ // panic handler. This might not be fully needed but it is a precaution
+ // to be taken.
+ //
+ lea stack_top(%rip), %rsp
+ mfence
+ jmp __knot
+.lockout:
+ hlt
+ jmp .lockout
+
+ .section .data
+__mp_lock: .quad 0
+
+ .section .bss
+stack_base: .skip 4096, 0
+stack_top:
diff --git a/usr/src/sp1/common/os/knot.c b/usr/src/sp1/common/os/knot.c
new file mode 100644
index 0000000..64d426e
--- /dev/null
+++ b/usr/src/sp1/common/os/knot.c
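Review bot: In knot_thunk.S, replacing `%rsp` with `stack_top` right before `jmp __knot` breaks the variadic contract that `knot(fmt, ...)` advertises, assuming the SysV AMD64 calling convention: arguments beyond the register-passed ones live on the caller's stack, so `va_arg` in `__knot` would walk memory above `stack_top` instead of the caller's values. The entry state also differs from a normal call, since no return address is pushed and `stack_base` has no alignment directive, so the callee's stack-alignment assumptions are not guaranteed. I would add `.balign 16` before `stack_base:`, a `push $0` ahead of `jmp __knot`, and a comment on `knot:` stating that only register-passed arguments survive the stack switch. Separately, `xchg %rax, __mp_lock` uses an absolute address while the `lea` is `%rip`-relative; `xchg %rax, __mp_lock(%rip)` keeps the two consistent.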
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2026, Mirocom Laboratories
+ * All rights reserved.
+ *
+ * The following sources are CONFIDENTIAL and PROPRIETARY
+ * property of Mirocom Laboratories. Unauthorized copying,
+ * use, distribution or modification of this file, in whole
+ * and in part, is strictly prohibited without the prior written
+ * consent from Mirocom Laboratories.
+ */
+
+#include
+#include
+#include
+#include
+
+/*
+ * Even though we can assume that the stack is safe to use upon
+ * entry of __knot(), we still want to avoid using it for stability
+ * and security reasons. Globals go here.
+ */
+static char knotbuf[256];
+static va_list ap;
+
+__no_return void
+__knot(const char *fmt, ...)
+{
+ va_start(ap, fmt);
+ vsnprintf(knotbuf, sizeof(knotbuf), fmt, ap);
+
+ printf("\033[31;40m*******************************************\n");
+ printf("ah!~ fuck, i've been knotted~ @.@\n");
+ printf("knot: %s\n", knotbuf);
+
+ for (;;) {
+ mu_cpu_intoff();
+ mu_cpu_halt();
+ }
+}
diff --git a/usr/src/sp1/head/os/knot.h b/usr/src/sp1/head/os/knot.h
new file mode 100644
index 0000000..b7d4fbb
--- /dev/null
+++ b/usr/src/sp1/head/os/knot.h
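Review bot: In knot.c the comment above `knotbuf` and `ap` says the globals keep `__knot()` off the stack, but `va_start`, `vsnprintf` and `printf` all run on it, and on amd64 the `va_list` state normally points into this function's own frame; the comment should say what the statics actually buy, e.g. `/* File-scope so the panic frame stays small; access is serialised by the lock taken in knot(). */`. That serialisation only holds when entry is through `knot()`, which is worth stating next to the definition, since a direct call to `__knot()` would share `knotbuf` and `ap` unlocked. `va_start` has no matching `va_end`; adding `va_end(ap);` after the `vsnprintf` call keeps the pairing the C standard requires. If `printf` takes a console lock (not visible here), a panic raised while that lock is held would hang before the message appears, so a lock-free output path for this handler is worth confirming.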
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2026, Mirocom Laboratories
+ * All rights reserved.
+ *
+ * The following sources are CONFIDENTIAL and PROPRIETARY
+ * property of Mirocom Laboratories. Unauthorized copying,
+ * use, distribution or modification of this file, in whole
+ * and in part, is strictly prohibited without the prior written
+ * consent from Mirocom Laboratories.
+ */
+
+#ifndef _OS_KNOT_H_
+#define _OS_KNOT_H_ 1
+
+#include
+#include
+
+/*
+ * This routine knots and fucks the kernel so it doesn't
+ * go anywhere and is halted. This is used during serious
+ * errors that may occur.
+ *
+ * @fmt: Format specifier
+ * @<...>: Vargs
+ */
+__no_return void knot(const char *fmt, ...);
+
+/*
+ * This routine is the main panic handler and should NOT be
+ * called directly.
+ *
+ * @fmt: Format specifier
+ * @<...>: Vargs
+ */
+__no_return void __knot(const char *fmt, ...);
+
+#endif /* !_OS_KNOT_H_ */
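Review bot: In knot.h, `knot()` and `__knot()` take a printf-style format but the prototypes carry no format attribute, so a caller that passes a non-literal or mismatched format gets no compiler diagnostic on the panic path. If the toolchain is GCC or Clang, `__attribute__((format(printf, 1, 2)))` on both declarations would enable that checking. The header also exports `__knot()` while its own comment says it must not be called directly; a direct call skips the lock and the stack switch done in the thunk, so the prototype could live in knot.c alone, with the assembly referencing the symbol by name.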