pmap: Keep PTI page table pages busy always
Closed, Public

Authored by markj on Jun 13 2022, 2:12 PM.

Details

Summary

vm_page_free() expects the page to be busied since it belongs to an
object. However, PTI PTPs are never busy, so if a page allocation
failure occurs while mapping user-accessible KVA regions, we panic.

This was effectively an omission from commit
e9ceb9dd110e04fc19729b4e9fb1c8bfbb8398a3. So just keep PTI page table
pages busy.

Reported by: syzkaller

Diff Detail

Repository: rS FreeBSD src repository - subversion
Lint: Lint Passed
Unit: No Test Coverage
Build Status: Buildable 45967; Build 42855: arc lint + arc unit

Event Timeline

markj requested review of this revision. (Jun 13 2022, 2:12 PM)
This revision is now accepted and ready to land. (Jun 13 2022, 4:08 PM)

Hmm, actually this change might need to go a bit further: pmap_pti_free_page() should use vm_page_xbusy_claim(), at least in principle.

  • Claim xbusy before freeing PTI page table pages.
  • Remove some redundant assertions about ref_count; vm_page_unwire_noq() provides the same assertion.
This revision now requires review to proceed. (Jun 14 2022, 2:06 PM)
This revision is now accepted and ready to land. (Jun 14 2022, 5:34 PM)
This revision was automatically updated to reflect the committed changes.