PR/59955 CVS commit: [netbsd-11] src/sys/arch/amd64/amd64

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,campbell+netbsd%mumble.net@localhost
Subject: PR/59955 CVS commit: [netbsd-11] src/sys/arch/amd64/amd64
From: "Martin Husemann" <martin%netbsd.org@localhost>
Date: Wed, 4 Mar 2026 20:10:01 +0000 (UTC)

The following reply was made to PR kern/59955; it has been noted by GNATS.

From: "Martin Husemann" <martin%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/59955 CVS commit: [netbsd-11] src/sys/arch/amd64/amd64
Date: Wed, 4 Mar 2026 20:05:59 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Wed Mar  4 20:05:58 UTC 2026
 
 Modified Files:
 	src/sys/arch/amd64/amd64 [netbsd-11]: machdep.c
 
 Log Message:
 Pull up following revision(s) (requested by riastradh in ticket #199):
 
 	sys/arch/amd64/amd64/machdep.c: revision 1.379
 
 amd64: Fix locking around uvm_map_checkprot in mm_md_kernacc.
 
 This call was originally introduced in sys/arch/amd64/amd64/mem.c
 rev. 1.11 back in 2003 by fvdl@ with the commit message:
 
 Proper checks for kmem reads beyond _end
 https://mail-index.netbsd.org/source-changes/2003/10/14/msg135803.html
 
 At some point, SOMEBODY added an assertion in uvm that made it stop
 working:
 uvm_map(9): Sprinkle assertions and interface contract comments.
 No functional change intended.
 
 https://mail-index.netbsd.org/source-changes/2024/08/13/msg152763.html
 (Really, this assertion revealed that this path was broken all along.)
 
 This patch makes the amd64 mm_md_kernacc match the corresponding logic
 in uvm_kernacc around uvm_map_checkprot:
     104         vm_map_lock_read(kernel_map);
     105         rv = uvm_map_checkprot(kernel_map, saddr, eaddr, prot);
     106         vm_map_unlock_read(kernel_map);
 https://nxr.netbsd.org/xref/src/sys/uvm/uvm_glue.c#92
 
 Now, all of these checks in /dev/mem and company look like TOCTOU
 bogosity, because the answers are stale by the time we reach uiomove,
 which has to re-check any access anyway:
     269         if (!md_kva) {
     270                 bool checked = false;
     271
     272 #ifdef __HAVE_MM_MD_KERNACC
     273                 /* MD check for the address. */
     274                 error = mm_md_kernacc(addr, prot, &checked);
     275                 if (error) {
     276                         return error;
     277                 }
     278 #endif
     279                 /* UVM check for the address (unless MD indicated to not). */
     280                 if (!checked && !uvm_kernacc(addr, len, prot)) {
     281                         return EFAULT;
     282                 }
     283         }
     284         error = uiomove(addr, len, uio);
 https://nxr.netbsd.org/xref/src/sys/dev/mm.c?r=1.25#269
 But we can address that in a separate change.
 
 PR kern/59955: kernel diagnostic assertion "rw_lock_held(&map->lock)"
 failed: file "/home/riastradh/netbsd/11/src/sys/uvm/uvm_map.c", line
 1704
 
 
 To generate a diff of this commit:
 cvs rdiff -u -r1.376 -r1.376.2.1 src/sys/arch/amd64/amd64/machdep.c
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Prev by Date: PR/59973 CVS commit: [netbsd-11] src/external/bsd/ntp/dist/include
Next by Date: PR/60025 CVS commit: [netbsd-11] xsrc/external/mit/MesaLib/dist/src
Previous by Thread: PR/59973 CVS commit: [netbsd-11] src/external/bsd/ntp/dist/include
Next by Thread: PR/60025 CVS commit: [netbsd-11] xsrc/external/mit/MesaLib/dist/src
Indexes:

Home | Main Index | Thread Index | Old Index