git: 78cc000cbae9 - main - amd64: Increase sanitizers' static shadow memory reservation

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Mark Johnston <markj_at_FreeBSD.org>
Date: Fri, 04 Aug 2023 16:55:26 UTC
The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=78cc000cbae9913e924aee13ec4fd367cb87336e

commit 78cc000cbae9913e924aee13ec4fd367cb87336e
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-08-04 16:25:50 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-08-04 16:38:24 +0000

    amd64: Increase sanitizers' static shadow memory reservation
    
    Because KASAN shadows the kernel image itself (KMSAN currently does
    not), a shadow mapping of the boot stack must be created very early
    during boot.  pmap_san_enter() reserves a fixed number of pages for the
    purpose of creating and mapping this shadow region.
    
    After commit 789df254cc9e ("amd64: Use a larger boot stack"), it could
    happen that this reservation is insufficient; this happens when
    bootstack crosses a PAGE_SHIFT + KASAN_SHADOW_SCALE_SHIFT boundary.
    Update the calculation to take into account the new size of the boot
    stack.
    
    Fixes:          789df254cc9e ("amd64: Use a larger boot stack")
    Sponsored by:   The FreeBSD Foundation
---
 sys/amd64/amd64/pmap.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/sys/amd64/amd64/pmap.c b/sys/amd64/amd64/pmap.c
index 5bc40bd00a32..5d747e62d37c 100644
--- a/sys/amd64/amd64/pmap.c
+++ b/sys/amd64/amd64/pmap.c
@@ -11642,13 +11642,16 @@ pmap_pkru_clear(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
 /*
  * Reserve enough memory to:
  * 1) allocate PDP pages for the shadow map(s),
- * 2) shadow one page of memory, so one PD page, one PT page, and one shadow
- *    page per shadow map.
+ * 2) shadow the boot stack of KSTACK_PAGES pages,
+ * so we need one PD page, one or two PT pages, and KSTACK_PAGES shadow pages
+ * per shadow map.
  */
 #ifdef KASAN
-#define	SAN_EARLY_PAGES	(NKASANPML4E + 3)
+#define	SAN_EARLY_PAGES	\
+	(NKASANPML4E + 1 + 2 + howmany(KSTACK_PAGES, KASAN_SHADOW_SCALE))
 #else
-#define	SAN_EARLY_PAGES	(NKMSANSHADPML4E + NKMSANORIGPML4E + 2 * 3)
+#define	SAN_EARLY_PAGES	\
+	(NKMSANSHADPML4E + NKMSANORIGPML4E + 2 * (1 + 2 + KSTACK_PAGES))
 #endif
 
 static uint64_t __nosanitizeaddress __nosanitizememory