CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Konstantin Belousov <kib@FreeBSD.org>
	Fri, 21 Mar 2014 14:25:09 +0000 (14:25 +0000)
committer	Konstantin Belousov <kib@FreeBSD.org>
	Fri, 21 Mar 2014 14:25:09 +0000 (14:25 +0000)
commit	52f3c44efef6cd27d8cb479f1d8f0297d4990abc
tree	230ee4a4711fed9e521781011714f203966663ab	tree \| snapshot
parent	997ac6905faaecf6ac07b56d3daa6919545e3121	commit \| diff

Fix two issues with /dev/mem access on amd64, both causing kernel page
faults.

First, for accesses to direct map region should check for the limit by
which direct map is instantiated.

Second, for accesses to the kernel map, success returned from the
kernacc(9) does not guarantee that consequent attempt to read or write
to the checked address succeed, since other thread might invalidate
the address meantime. Add a new thread private flag TDP_DEVMEMIO,
which instructs vm_fault() to return error when fault happens on the
MAP_ENTRY_NOFAULT entry, instead of panicing. The trap handler would
then see a page fault from access, and recover in normal way, making
/dev/mem access safer.

Remove GIANT_REQUIRED from the amd64 memrw(), since it is not needed
and having Giant locked does not solve issues for amd64.

Note that at least the second issue exists on other architectures, and
requires similar patching for md code.

Reported and tested by: clusteradm (gjb, sbruno)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week

sys/amd64/amd64/mem.c		diff \| blob \| history
sys/amd64/amd64/trap.c		diff \| blob \| history
sys/kern/subr_trap.c		diff \| blob \| history
sys/sys/proc.h		diff \| blob \| history
sys/vm/vm_fault.c		diff \| blob \| history