PERFORCE change 184245 for review
John Baldwin
jhb at FreeBSD.org
Mon Sep 27 20:10:08 UTC 2010
http://p4web.freebsd.org/@@184245?ac=10
Change 184245 by jhb at jhb_jhbbsd on 2010/09/27 20:09:12
Possible fix for early memory corruption in the VM86 code reported
by bde at .
Affected files ...
.. //depot/projects/smpng/sys/i386/i386/vm86.c#24 edit
.. //depot/projects/smpng/sys/i386/include/pmap.h#51 edit
Differences ...
==== //depot/projects/smpng/sys/i386/i386/vm86.c#24 (text+ko) ====
@@ -592,7 +592,7 @@
mtx_lock(&vm86_lock);
for (i = 0; i < vmc->npages; i++) {
- page = vtophys(vmc->pmap[i].kva & PG_FRAME);
+ page = pmap_kextract_early(vmc->pmap[i].kva & PG_FRAME);
entry = vmc->pmap[i].pte_num;
vmc->pmap[i].old_pte = pte[entry];
pte[entry] = page | PG_V | PG_RW | PG_U;
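Review bot: The `page = pmap_kextract_early(...)` line gives no hint why the `_early` variant is required, so a later cleanup could easily turn it back into `vtophys()` and reintroduce the corruption. A short comment above the loop would guard against that, for example `/* May run before pmap_bootstrap(), when KPTmap is still NULL; vtophys() is not safe here. */`. The enclosing function starts and ends outside this hunk, so whether every path reaches this loop that early cannot be confirmed from here.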
==== //depot/projects/smpng/sys/i386/include/pmap.h#51 (text+ko) ====
@@ -302,6 +302,29 @@
return (pa);
}
+/*
+ * A version of pmap_kextract() that is safe to call before
+ * pmap_bootstrap(). This is used in vm86_datacall(). If
+ * pmap_bootstrap() has not been called, then KPTmap is not yet
+ * initialized, so fall back to using vtopte() instead.
+ */
+static __inline vm_paddr_t
+pmap_kextract_early(vm_offset_t va)
+{
+ vm_paddr_t pa;
+
+ if ((pa = PTD[va >> PDRSHIFT]) & PG_PS) {
+ pa = (pa & PG_PS_FRAME) | (va & PDRMASK);
+ } else {
+ if (KPTmap == NULL)
+ pa = *vtopte(va);
+ else
+ pa = KPTmap[i386_btop(va)];
+ pa = (pa & PG_FRAME) | (va & PAGE_MASK);
+ }
+ return (pa);
+}
+
#define PT_UPDATES_FLUSH()
#endif
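Review bot: pmap_kextract_early() never tests PG_V on the directory entry read from `PTD[va >> PDRSHIFT]` or on the PTE it loads, so an unmapped `va` yields a plausible-looking physical address instead of a detectable failure. In the vm86.c hunk that value is stored into `pte[entry]` with `PG_V | PG_RW | PG_U`, so a stale entry would make an arbitrary frame user-writable. Because the helper targets the window before pmap_bootstrap(), consider a check after each load, such as `KASSERT((pa & PG_V) != 0, ("pmap_kextract_early: unmapped va"));` if assertions are usable that early and in scope in this header. Otherwise, state the "va must already be mapped" precondition in the header comment. The `KPTmap == NULL` test also presumably relies on KPTmap being zero-initialised until pmap_bootstrap() sets it, and the comment should say so.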