CVS commit: src/sys/arch/aarch64/aarch64

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/arch/aarch64/aarch64
From: "Taylor R Campbell" <riastradh%netbsd.org@localhost>
Date: Sun, 30 Oct 2022 10:26:48 +0000

Module Name:    src
Committed By:   riastradh
Date:           Sun Oct 30 10:26:48 UTC 2022

Modified Files:
        src/sys/arch/aarch64/aarch64: pmap.c

Log Message:
aarch64/pmap(9): Teach pmap_protect about pmap_kenter_pa mappings.

Pages mapped with pmap_kenter_pa are necessarily unmanaged, so there
are no P->V records, and pmap_kenter_pa leaves pp->pp_pv.pv_va zero
with no modified/referenced state.

However, pmap_protect erroneously examined pp->pp_pv.pv_va to
ascertain the modified/referenced state -- and if the page was not
marked referenced, pmap_protect would clear the LX_BLKPAG_AF bit
(Access Flag), with the effect that subsequent uses of the page fault
and require a detour through pmap_fault_fixup.

This caused problems for the kernel module loader:

- When loading the text section, kobj_load first allocates kva with
  uvm_km_alloc(UVM_KMF_WIRED|UVM_KMF_EXEC), which creates ptes with
  pmap_kenter_pa.  These ptes are writable, so we can copy the text
  section into them, and have LX_BLKPAG_AF set so there will be no
  fault when they are used by the kernel.

- But then kobj_affix makes the text section read/execute-only (and
  nonwritable) with uvm_km_protect(VM_PROT_READ|VM_PROT_EXECUTE),
  which updates the ptes with pmap_protect.  This _should_ leave
  LX_BLKPAG_AF set, but by inadvertently treating the page as managed
  when it should be unmanaged, pmap_protect cleared it instead.

- Most of the time, clearing LX_BLKPAG_AF caused no problem, because
  pmap_fault_fixup would silently resolve it.  But if a hard
  interrupt handler tried to use any page in the module's text (or
  rodata, I suspect) that was not yet fixed up, the CPU would fault
  and enter pmap_fault_fixup -- which would promptly crash (or hang)
  by trying to take the pmap lock in interrupt context, which is
  forbidden.

  I observed this by loading dtrace.kmod early at boot and trying to
  dtrace hard interrupt handlers.

With this change, pmap_protect now recognizes wired mappings (as
created by pmap_kenter_pa) before consulting pp->pp_pv.pv_va, and
preserves then LX_BLKPAG_AF bit in that case.

ok skrll


To generate a diff of this commit:
cvs rdiff -u -r1.145 -r1.146 src/sys/arch/aarch64/aarch64/pmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/arch/arm/pic
Next by Date: CVS commit: src/sys/dev/i2c
Previous by Thread: CVS commit: src/sys/arch/arm/pic
Next by Thread: CVS commit: src/sys/dev/i2c
Indexes:

Home | Main Index | Thread Index | Old Index