From nobody Thu May 02 08:09:28 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VVRRX5FkVz5JXr0; Thu, 2 May 2024 08:09:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VVRRX4PRnz4XZD; Thu, 2 May 2024 08:09:28 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1714637368; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=pOV07aBNn6t8Awy8JNNPyuO71cJ8v/bLt/EjS/Wk41k=; b=C6YYlrZhAESh28y20q+Fe7n3ONBVEaClpAePeidA3fMfgat896872SUZW0PZNdbTPPUFWg urJpjJ2zzmTOGIGv6jjzCDKEKnOMnZLS+zsfDCEDkzYv3P1dzBQX7E6V0KMIxi5FowQg9C 0Zd224oCV0w8lWK33+8JPRq8q4XQpyYuepQNAsSXA2SAp3y9550SPm4iZ/A6Cq9EGPhBaT 1ufdhi9RVrf8AIp/bqjlXIGaqoXH4rTV+9WBA5jO/XaFTHtiV5rXbh2sVrYpZ+UyA3bPKQ kGMQr+vT9R5rZkGbwSb2jp5vo+lmP9Ibmh1UT7SJxH+KQyyQUH1X5lQoKIYguA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1714637368; a=rsa-sha256; cv=none; b=IT7n6NSAECfUSYroT2ewXq6RirvvPOLQRP7v8SuXb7PuxGGRrJ1B6cMiaUqE7u9Rr65iIj TaURR7ujtK228uh1WfXvxtKOjO/IMeFCzXlUC60Gz+GMnu/WdDMx3KKuEV6QxI7Fj+B5Hb 7NJpMBd4rmEdZnkoy8IFjpErN6uu55CUv14S1sYcI+1Rze6Oice2naNmT6Ge7Zzof6x9Oq KT71wvvA1YLdU/LmyIZQTfGA+XWWIRvOUkBaOgq+T7WQGgObrY6Q6oQzVYtyAFqdAjXnrD VZrmMwWeRBbyx4MjfsKaP6unBN6ZkJKQIGtJ+nGCophAxY859LFT4SpSbhBjag== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1714637368; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=pOV07aBNn6t8Awy8JNNPyuO71cJ8v/bLt/EjS/Wk41k=; b=ixm9ReGUBbjVy6weH9Y7zWsszhMlHLHg/V8X6BPGhDHagYgPkTOFAwMAnMHJcGwTVEMIxI AXSSTpMfXYr6RCXLmC/11dyWNrUzja0K4Tx54HW/aXXWjj6Y35v5V+v2gAyKsXe/f/PrVV XBDShbMOwFf4kZHF97xOoCoaMCt3CsYhcqrwzujbbak1ze6bXBDHcZcVIk9LTgZJgi4/US ZFuRjIfpNQ69n5g61gr1f96eoXQY6q6LdfOnZvh8Eq1QcQpeRUf9pYbt6lQDbVEhW9eFM0 /ebNKriUWlhTSjqpv0itCJ+OiNtktNCOc3dbLTZznPgtbCZUgzPobaLlBw/ItQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VVRRX41P0zv94; Thu, 2 May 2024 08:09:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 44289SC7039012; Thu, 2 May 2024 08:09:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 44289SnN039009; Thu, 2 May 2024 08:09:28 GMT (envelope-from git) Date: Thu, 2 May 2024 08:09:28 GMT Message-Id: <202405020809.44289SnN039009@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Andrew Turner Subject: git: c3a3b231da00 - stable/14 - arm64: Check DMAP address is valid in PHYS_IN_DMAP List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: andrew X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: c3a3b231da00e93fcd7baced74fa933b112de473 Auto-Submitted: auto-generated The branch stable/14 has been updated by andrew: URL: https://cgit.FreeBSD.org/src/commit/?id=c3a3b231da00e93fcd7baced74fa933b112de473 commit c3a3b231da00e93fcd7baced74fa933b112de473 Author: Andrew Turner AuthorDate: 2024-04-08 10:44:33 +0000 Commit: Andrew Turner CommitDate: 2024-05-02 07:59:31 +0000 arm64: Check DMAP address is valid in PHYS_IN_DMAP When checking if a physical address is in the DMAP region we assume all physical addresses between DMAP_MIN_PHYSADDR and DMAP_MAX_PHYSADDR are able to be accesses through the DMAP. It may be the case that there is device memory in this range that shouldn't be accessed through the DMAP mappings. Add a check to PHYS_IN_DMAP that the translated virtual address is a valid kernel address. To support code that already checks the address is valid add PHYS_IN_DMAP_RANGE. PR: 278233 Reviewed by: alc, markj Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D44677 (cherry picked from commit 9d40492efa467095340cf3dca5860880aa441472) --- sys/arm64/arm64/efirt_machdep.c | 9 ++------- sys/arm64/arm64/machdep.c | 2 +- sys/arm64/arm64/minidump_machdep.c | 7 ++++--- sys/arm64/include/vmparam.h | 18 +++++++++++++++--- 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/sys/arm64/arm64/efirt_machdep.c b/sys/arm64/arm64/efirt_machdep.c index c51987625356..b1fd60037134 100644 --- a/sys/arm64/arm64/efirt_machdep.c +++ b/sys/arm64/arm64/efirt_machdep.c @@ -145,13 +145,8 @@ efi_1t1_l3(vm_offset_t va) vm_offset_t efi_phys_to_kva(vm_paddr_t paddr) { - vm_offset_t vaddr; - - if (PHYS_IN_DMAP(paddr)) { - vaddr = PHYS_TO_DMAP(paddr); - if (pmap_klookup(vaddr, NULL)) - return (vaddr); - } + if (PHYS_IN_DMAP(paddr)) + return (PHYS_TO_DMAP(paddr)); /* TODO: Map memory not in the DMAP */ diff --git a/sys/arm64/arm64/machdep.c b/sys/arm64/arm64/machdep.c index 01896c15e650..ea2b7e9da2ee 100644 --- a/sys/arm64/arm64/machdep.c +++ b/sys/arm64/arm64/machdep.c @@ -427,7 +427,7 @@ arm64_get_writable_addr(vm_offset_t addr, vm_offset_t *out) /* * If it is within the DMAP region and is writable use that. */ - if (PHYS_IN_DMAP(pa)) { + if (PHYS_IN_DMAP_RANGE(pa)) { addr = PHYS_TO_DMAP(pa); if (PAR_SUCCESS(arm64_address_translate_s1e1w(addr))) { *out = addr; diff --git a/sys/arm64/arm64/minidump_machdep.c b/sys/arm64/arm64/minidump_machdep.c index 87bf41b27fdf..8ee626953aef 100644 --- a/sys/arm64/arm64/minidump_machdep.c +++ b/sys/arm64/arm64/minidump_machdep.c @@ -202,7 +202,8 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state) if ((l3e & ATTR_DESCR_MASK) != L3_PAGE) continue; pa = PTE_TO_PHYS(l3e); - if (PHYS_IN_DMAP(pa) && vm_phys_is_dumpable(pa)) + if (PHYS_IN_DMAP_RANGE(pa) && + vm_phys_is_dumpable(pa)) vm_page_dump_add(state->dump_bitset, pa); } @@ -216,7 +217,7 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state) dumpsize += round_page(sizeof(dump_avail)); dumpsize += round_page(BITSET_SIZE(vm_page_dump_pages)); VM_PAGE_DUMP_FOREACH(state->dump_bitset, pa) { - if (PHYS_IN_DMAP(pa) && vm_phys_is_dumpable(pa)) + if (PHYS_IN_DMAP_RANGE(pa) && vm_phys_is_dumpable(pa)) dumpsize += PAGE_SIZE; else vm_page_dump_drop(state->dump_bitset, pa); @@ -347,7 +348,7 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state) * We always write a page, even if it is zero. If pa * is malformed, write the zeroed tmpbuffer. */ - if (PHYS_IN_DMAP(pa) && vm_phys_is_dumpable(pa)) + if (PHYS_IN_DMAP_RANGE(pa) && vm_phys_is_dumpable(pa)) error = blk_write(di, NULL, pa, PAGE_SIZE); else error = blk_write(di, (char *)&tmpbuffer, 0, diff --git a/sys/arm64/include/vmparam.h b/sys/arm64/include/vmparam.h index 0176045f0cae..fee8e01f72c4 100644 --- a/sys/arm64/include/vmparam.h +++ b/sys/arm64/include/vmparam.h @@ -195,9 +195,21 @@ #define DMAP_MIN_PHYSADDR (dmap_phys_base) #define DMAP_MAX_PHYSADDR (dmap_phys_max) -/* True if pa is in the dmap range */ -#define PHYS_IN_DMAP(pa) ((pa) >= DMAP_MIN_PHYSADDR && \ +/* + * Checks to see if a physical address is in the DMAP range. + * - PHYS_IN_DMAP_RANGE will return true that may be within the DMAP range + * but not accessible through the DMAP, e.g. device memory between two + * DMAP physical address regions. + * - PHYS_IN_DMAP will check if DMAP address is mapped before returning true. + * + * PHYS_IN_DMAP_RANGE should only be used when a check on the address is + * performed, e.g. by checking the physical address is within phys_avail, + * or checking the virtual address is mapped. + */ +#define PHYS_IN_DMAP_RANGE(pa) ((pa) >= DMAP_MIN_PHYSADDR && \ (pa) < DMAP_MAX_PHYSADDR) +#define PHYS_IN_DMAP(pa) (PHYS_IN_DMAP_RANGE(pa) && \ + pmap_klookup(PHYS_TO_DMAP(pa), NULL)) /* True if va is in the dmap range */ #define VIRT_IN_DMAP(va) ((va) >= DMAP_MIN_ADDRESS && \ (va) < (dmap_max_addr)) @@ -205,7 +217,7 @@ #define PMAP_HAS_DMAP 1 #define PHYS_TO_DMAP(pa) \ ({ \ - KASSERT(PHYS_IN_DMAP(pa), \ + KASSERT(PHYS_IN_DMAP_RANGE(pa), \ ("%s: PA out of range, PA: 0x%lx", __func__, \ (vm_paddr_t)(pa))); \ ((pa) - dmap_phys_base) + DMAP_MIN_ADDRESS; \