
Fix arm64's pmap_enter_quick_locked()
Closed, Public

Authored by alc on Sep 29 2019, 6:05 PM.
Referenced Files
F152917674: D21841.id62794.diff
Details

Summary

When arm64's pmap_enter_quick_locked() creates a user-space mapping, it doesn't set ATTR_AP(ATTR_AP_USER) in the PTE, so any subsequent attempt to read from the page triggers a page fault.

This problem isn't fatal because the page fault handler will determine that the mapping should be valid and perform a pmap_enter() that sets ATTR_AP(ATTR_AP_USER) in the new PTE.

That said, I do believe that instruction fetches are not affected by this bug. (See Table D5-33 in the architecture manual.) In other words, as long as the mapping doesn't have ATTR_XN set, user-space instruction fetches will succeed even without ATTR_AP(ATTR_AP_USER) in the PTE.
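To make the permission distinction in the summary concrete, here is an added example (not code from this review or from FreeBSD) that models the AP and UXN fields of an arm64 stage-1 page descriptor and the EL0 checks they gate. The bit positions follow the ARMv8 descriptor layout and the ATTR_* naming is modelled on FreeBSD's arm64 pte.h; that the quick mapping is read-only is an assumption.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout: AP[2:1] in bits 7:6, PXN in bit 53, UXN in bit 54,
 * named after FreeBSD's arm64 ATTR_* macros (a model, not the header). */
#define ATTR_AP(x)     ((uint64_t)(x) << 6)
#define ATTR_AP_MASK   ATTR_AP(3)
#define ATTR_AP_RW     0            /* AP[2] = 0: writable              */
#define ATTR_AP_RO     2            /* AP[2] = 1: read-only             */
#define ATTR_AP_USER   1            /* AP[1] = 1: EL0 data access OK    */
#define ATTR_PXN       (1ULL << 53) /* privileged execute-never         */
#define ATTR_UXN       (1ULL << 54) /* unprivileged execute-never       */
#define ATTR_XN        (ATTR_PXN | ATTR_UXN)

typedef uint64_t pt_entry_t;

/* EL0 data reads need AP[1]; the read-only bit AP[2] is irrelevant here.
 * A read through a PTE lacking AP[1] is exactly the fault the summary
 * describes. */
bool user_can_read(pt_entry_t pte)
{
    return (pte & ATTR_AP(ATTR_AP_USER)) != 0;
}

/* EL0 writes additionally need AP[2] clear. */
bool user_can_write(pt_entry_t pte)
{
    return user_can_read(pte) && (pte & ATTR_AP(ATTR_AP_RO)) == 0;
}

/* EL0 instruction fetches are governed by UXN, not by AP[1], which is
 * why the summary says fetches still succeed without ATTR_AP_USER. */
bool user_can_execute(pt_entry_t pte)
{
    return (pte & ATTR_UXN) == 0;
}

/* Constructed read-only user PTEs: without and with ATTR_AP_USER. */
pt_entry_t buggy_user_pte(void) { return ATTR_AP(ATTR_AP_RO); }
pt_entry_t fixed_user_pte(void) { return ATTR_AP(ATTR_AP_RO | ATTR_AP_USER); }

int main(void)
{
    pt_entry_t b = buggy_user_pte(), f = fixed_user_pte();
    printf("buggy: read=%d exec=%d\n", user_can_read(b), user_can_execute(b));
    printf("fixed: read=%d exec=%d\n", user_can_read(f), user_can_execute(f));
    return 0;
}
```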

Test Plan

Clang reads source files using mmap(). Before applying this patch, vmstat -s reported "235989057 total VM faults taken" after a "buildworld". After applying the patch, vmstat -s reported "190243137 total VM faults taken".

I'm double-checking these numbers, because the difference is more than I would have guessed.

Diff Detail

Repository
rS FreeBSD src repository - subversion