[src/trunk]: src/sys/arch/m68k/m68k Fix out of bounds invalidate (and writeba...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/arch/m68k/m68k Fix out of bounds invalidate (and writeba...
From: tsutsui <tsutsui%NetBSD.org@localhost>
Date: Thu, 05 Jan 2023 23:35:50 +0000

details:   https://anonhg.NetBSD.org/src/rev/45521e6107f4
branches:  trunk
changeset: 372926:45521e6107f4
user:      tsutsui <tsutsui%NetBSD.org@localhost>
date:      Thu Jan 05 18:27:48 2023 +0000

description:
Fix out of bounds invalidate (and writeback) in bus_dmamap_sync(9) ops.

Detected by the POOL_REDZONE check in sys/kern/subr_pool.c that
has been activated if options DIAGNOSTIC is enabled on post netbsd-9.
The extra invalidate on DMASYNC_PREREAD op discards redzone pattern
data allocated right after an mbuf cluster without proper writeback
to memory so that it triggers false redzone assertions on freeing mbufs.
This bug was my botch in rev 1.25 committed 15 years ago. (sigh)

Fixes PR/57107 (kernel panic on -current when configuring network
with sn(4) on mac68k), as actually the bus_dma(9) op changes
in the past days were introduced for mac68k sn(4) improvements
by using the MI SONIC (src/sys/dev/ic/dp83932.c) driver.
 https://mail-index.netbsd.org/port-mac68k/2007/06/01/0001.html

Should be pulled up to netbsd-9 and netbsd-10.

diffstat:

 sys/arch/m68k/m68k/bus_dma.c |  10 ++++++----
 1 files changed, 6 insertions(+), 4 deletions(-)

diffs (38 lines):

diff -r b108a7865cb1 -r 45521e6107f4 sys/arch/m68k/m68k/bus_dma.c
--- a/sys/arch/m68k/m68k/bus_dma.c      Thu Jan 05 17:36:53 2023 +0000
+++ b/sys/arch/m68k/m68k/bus_dma.c      Thu Jan 05 18:27:48 2023 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: bus_dma.c,v 1.38 2022/07/26 20:08:55 andvar Exp $ */
+/* $NetBSD: bus_dma.c,v 1.39 2023/01/05 18:27:48 tsutsui Exp $ */
 
 /*
  * This file was taken from alpha/common/bus_dma.c
@@ -41,7 +41,7 @@
 
 #include <sys/cdefs.h>                 /* RCS ID & Copyright macro defns */
 
-__KERNEL_RCSID(0, "$NetBSD: bus_dma.c,v 1.38 2022/07/26 20:08:55 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bus_dma.c,v 1.39 2023/01/05 18:27:48 tsutsui Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -494,7 +494,8 @@
                        }
 
                        /* flush cachelines per 128bytes */
-                       while ((p < e) && (p & PAGE_MASK) != 0) {
+                       while ((p + CACHELINE_SIZE * 8 <= e) &&
+                           (p & PAGE_MASK) != 0) {
                                DCFL(p);
                                p += CACHELINE_SIZE;
                                DCFL(p);
@@ -570,7 +571,8 @@
                        }
 
                        /* purge cachelines per 128bytes */
-                       while ((p < e) && (p & PAGE_MASK) != 0) {
+                       while ((p + CACHELINE_SIZE * 8 <= e) &&
+                           (p & PAGE_MASK) != 0) {
                                DCPL(p);
                                p += CACHELINE_SIZE;
                                DCPL(p);

Prev by Date: [src/trunk]: src/sys/sys more strip(4) removal, this time in kauth(9)
Next by Date: [src/trunk]: src/sys wg(4): Allow non-root to retrieve information other than...
Previous by Thread: [src/trunk]: src/sys/sys more strip(4) removal, this time in kauth(9)
Next by Thread: [src/trunk]: src/sys wg(4): Allow non-root to retrieve information other than...
Indexes:

Home | Main Index | Thread Index | Old Index