git: 01bb9a2a3557 - main - arm64: Disable kernel superpage promotion when KMSAN is configured
Date: Thu, 08 Feb 2024 16:36:36 UTC
The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=01bb9a2a3557bc9389f628d301cd691e08266f1d commit 01bb9a2a3557bc9389f628d301cd691e08266f1d Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2024-02-08 16:02:48 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2024-02-08 16:35:11 +0000 arm64: Disable kernel superpage promotion when KMSAN is configured The break-before-make operation required to promote or demote a superpage leaves a window where the KMSAN runtime can trigger a fatal data abort. More specifically, the code in pmap_update_entry() which executes after ATTR_DESCR_VALID is cleared may implicitly attempt to access KMSAN context via curthread, but we may be promoting or demoting a 2MB page containing the curthread structure. Reviewed by: imp Sponsored by: Klara, Inc. Sponsored by: Juniper Networks, Inc. Differential Revision: https://reviews.freebsd.org/D43158 --- sys/arm64/arm64/pmap.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index 7c7a9a08fd30..6a84b6bb80f8 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -728,6 +728,18 @@ pmap_ps_enabled(pmap_t pmap) if (pmap->pm_stage != PM_STAGE1) return (false); +#ifdef KMSAN + /* + * The break-before-make in pmap_update_entry() results in a situation + * where a CPU may call into the KMSAN runtime while the entry is + * invalid. If the entry is used to map the current thread structure, + * then the runtime will attempt to access unmapped memory. Avoid this + * by simply disabling superpage promotion for the kernel map. + */ + if (pmap == kernel_pmap) + return (false); +#endif + return (superpages_enabled != 0); }
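Review bot: the comment added above the `if (pmap == kernel_pmap)` check in pmap_ps_enabled() covers only promotion, while the commit message says the break-before-make window opens when "promoting or demoting a 2MB page containing the curthread structure". From the hunk alone, a reader cannot tell whether demotion of a kernel 2MB mapping that was not created by promotion is still reachable with KMSAN configured. Please extend the comment to say why demotion is not a concern once this function returns false for kernel_pmap, or where that case is handled. It would also help to note in the comment that the early return is unconditional for any KMSAN kernel and is placed ahead of the `superpages_enabled` test, so that setting has no effect on the kernel map in this configuration.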