From nobody Wed Apr 24 18:31:43 2024
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VPndC2mZBz5J6S2;
	Wed, 24 Apr 2024 18:31:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4VPndC1clbz4375;
	Wed, 24 Apr 2024 18:31:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1713983503;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=7YrwQcJts+XJfK6PQw+lEXjlUAMeY9I6nUUntgxbyJA=;
	b=Aw+O/jkCnvDkM4JnTg8yHXwYg66226wRbjg3OXlyrOYR388QxKqsHCsaAp/fIiDNDlmg7v
	GXN5EgEaCs+l9bonGePgMLgaGv1dHJr9ITRvT0OLj3eNq3yz+hwp9x/ari6adNlvrdeQEp
	bk0aiZZ8S7d1QuqyIHOWQI3/vUpfYkpa9ykfFb+wDXt+B2lLPzJJ1qQ3/+5j5bgIrBGQsz
	AzSAc4i9N0jqnWI20T9GzlGH2ZjOu+734n1YjHo/Lta7ycGsQmbJdMo2qZM6NN+ZzNYVbA
	Vl81+L/0pqgG97ssr65YWNGhHTmhpwZLr1BY27CtVrZ5B6cbCpX1rZZkuh4Y/g==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1713983503; a=rsa-sha256; cv=none;
	b=S3oueTblLK/HeiWqnp24AZ8CePFCjAr7WLUBnOkQFT17LbP3NdpgkCsx008Un1IBKgbGei
	P2f/24R0AUksdVoeuz5/P++MfMsYsWHrOzW8fdVRyYFwBg59c3EKXIrmBlStWm3CFR0xyk
	zK06KpozOUqm+b+CoiG0TrfWG8kWEOdUtABxLFSdsWIsxMT26VbLgxHU5lA7xih6Hmhzwc
	2khkXK67yXZIDnBFZFWtS/Ku+y3c9u5/pQAuzXcRG7VeYnXiEVulM/BqhNlwM+17EPUV1w
	ZWyNKqgKgozqRkjGka/Bd9THO84H/XP82Be96ESBgSeX8TEqbIwNx0dBbba3QQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1713983503;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=7YrwQcJts+XJfK6PQw+lEXjlUAMeY9I6nUUntgxbyJA=;
	b=ruhiMKMre4oit/ML1jOI6SFex0Ys5uBbxATbFFjTLRn6Ikx2kv2RFKVjrfn1wxKCRtlwCZ
	OrKTSrWZ0fEyHQ4vt4NnyiiIJUW25ZsDMbkpvHDlW50YiXhylUWai2cRh4bkDynBzVIZCN
	SZpv7H66iC1dZkvq/JjlhnU0/oQy2NBj1pKrhHnWsqEsTIBAo2kip2lk548ube6OVkp7eU
	eIE6mvHD3vSrOKkIkLRKuZgGhbaj2r3+Kuiblg1GcV9xDMuBZi6YPrAxNS7aW1echhbcoh
	LgYzUGa5revC3Fy41QhbB8axh3bPOJyh+C7syO1P4awT/Y0Zox2FckT7PFnAOw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VPndC18mgzR8m;
	Wed, 24 Apr 2024 18:31:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 43OIVh0A091241;
	Wed, 24 Apr 2024 18:31:43 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 43OIVhIT091238;
	Wed, 24 Apr 2024 18:31:43 GMT
	(envelope-from git)
Date: Wed, 24 Apr 2024 18:31:43 GMT
Message-Id: <202404241831.43OIVhIT091238@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Andrew Turner <andrew@FreeBSD.org>
Subject: git: 9d40492efa46 - main - arm64: Check DMAP address is
  valid in PHYS_IN_DMAP
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: andrew
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 9d40492efa467095340cf3dca5860880aa441472
Auto-Submitted: auto-generated

The branch main has been updated by andrew:

URL: https://cgit.FreeBSD.org/src/commit/?id=9d40492efa467095340cf3dca5860880aa441472

commit 9d40492efa467095340cf3dca5860880aa441472
Author:     Andrew Turner <andrew@FreeBSD.org>
AuthorDate: 2024-04-08 10:44:33 +0000
Commit:     Andrew Turner <andrew@FreeBSD.org>
CommitDate: 2024-04-24 18:17:19 +0000

    arm64: Check DMAP address is valid in PHYS_IN_DMAP
    
    When checking if a physical address is in the DMAP region we assume
    all physical addresses between DMAP_MIN_PHYSADDR and DMAP_MAX_PHYSADDR
    are able to be accesses through the DMAP. It may be the case that
    there is device memory in this range that shouldn't be accessed through
    the DMAP mappings.
    
    Add a check to PHYS_IN_DMAP that the translated virtual address is a
    valid kernel address. To support code that already checks the address
    is valid add PHYS_IN_DMAP_RANGE.
    
    PR:             278233
    Reviewed by:    alc, markj
    Sponsored by:   Arm Ltd
    Differential Revision:  https://reviews.freebsd.org/D44677
---
 sys/arm64/arm64/efirt_machdep.c    |  9 ++-------
 sys/arm64/arm64/machdep.c          |  2 +-
 sys/arm64/arm64/minidump_machdep.c |  7 ++++---
 sys/arm64/include/vmparam.h        | 18 +++++++++++++++---
 4 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/sys/arm64/arm64/efirt_machdep.c b/sys/arm64/arm64/efirt_machdep.c
index 52906779dfb9..0c46d2e6dcc6 100644
--- a/sys/arm64/arm64/efirt_machdep.c
+++ b/sys/arm64/arm64/efirt_machdep.c
@@ -144,13 +144,8 @@ efi_1t1_l3(vm_offset_t va)
 vm_offset_t
 efi_phys_to_kva(vm_paddr_t paddr)
 {
-	vm_offset_t vaddr;
-
-	if (PHYS_IN_DMAP(paddr)) {
-		vaddr = PHYS_TO_DMAP(paddr);
-		if (pmap_klookup(vaddr, NULL))
-			return (vaddr);
-	}
+	if (PHYS_IN_DMAP(paddr))
+		return (PHYS_TO_DMAP(paddr));
 
 	/* TODO: Map memory not in the DMAP */
 
diff --git a/sys/arm64/arm64/machdep.c b/sys/arm64/arm64/machdep.c
index d566a8e2298c..517f4e7c2e23 100644
--- a/sys/arm64/arm64/machdep.c
+++ b/sys/arm64/arm64/machdep.c
@@ -444,7 +444,7 @@ arm64_get_writable_addr(void *addr, void **out)
 	/*
 	 * If it is within the DMAP region and is writable use that.
 	 */
-	if (PHYS_IN_DMAP(pa)) {
+	if (PHYS_IN_DMAP_RANGE(pa)) {
 		addr = (void *)PHYS_TO_DMAP(pa);
 		if (PAR_SUCCESS(arm64_address_translate_s1e1w(
 		    (vm_offset_t)addr))) {
diff --git a/sys/arm64/arm64/minidump_machdep.c b/sys/arm64/arm64/minidump_machdep.c
index 87bf41b27fdf..8ee626953aef 100644
--- a/sys/arm64/arm64/minidump_machdep.c
+++ b/sys/arm64/arm64/minidump_machdep.c
@@ -202,7 +202,8 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state)
 				if ((l3e & ATTR_DESCR_MASK) != L3_PAGE)
 					continue;
 				pa = PTE_TO_PHYS(l3e);
-				if (PHYS_IN_DMAP(pa) && vm_phys_is_dumpable(pa))
+				if (PHYS_IN_DMAP_RANGE(pa) &&
+				    vm_phys_is_dumpable(pa))
 					vm_page_dump_add(state->dump_bitset,
 					    pa);
 			}
@@ -216,7 +217,7 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state)
 	dumpsize += round_page(sizeof(dump_avail));
 	dumpsize += round_page(BITSET_SIZE(vm_page_dump_pages));
 	VM_PAGE_DUMP_FOREACH(state->dump_bitset, pa) {
-		if (PHYS_IN_DMAP(pa) && vm_phys_is_dumpable(pa))
+		if (PHYS_IN_DMAP_RANGE(pa) && vm_phys_is_dumpable(pa))
 			dumpsize += PAGE_SIZE;
 		else
 			vm_page_dump_drop(state->dump_bitset, pa);
@@ -347,7 +348,7 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state)
 			 * We always write a page, even if it is zero. If pa
 			 * is malformed, write the zeroed tmpbuffer.
 			 */
-			if (PHYS_IN_DMAP(pa) && vm_phys_is_dumpable(pa))
+			if (PHYS_IN_DMAP_RANGE(pa) && vm_phys_is_dumpable(pa))
 				error = blk_write(di, NULL, pa, PAGE_SIZE);
 			else
 				error = blk_write(di, (char *)&tmpbuffer, 0,
diff --git a/sys/arm64/include/vmparam.h b/sys/arm64/include/vmparam.h
index d5d4a5691f37..83c55913f56e 100644
--- a/sys/arm64/include/vmparam.h
+++ b/sys/arm64/include/vmparam.h
@@ -223,9 +223,21 @@
 #define	DMAP_MIN_PHYSADDR	(dmap_phys_base)
 #define	DMAP_MAX_PHYSADDR	(dmap_phys_max)
 
-/* True if pa is in the dmap range */
-#define	PHYS_IN_DMAP(pa)	((pa) >= DMAP_MIN_PHYSADDR && \
+/*
+ * Checks to see if a physical address is in the DMAP range.
+ * - PHYS_IN_DMAP_RANGE will return true that may be within the DMAP range
+ *   but not accessible through the DMAP, e.g. device memory between two
+ *   DMAP physical address regions.
+ * - PHYS_IN_DMAP will check if DMAP address is mapped before returning true.
+ *
+ * PHYS_IN_DMAP_RANGE should only be used when a check on the address is
+ * performed, e.g. by checking the physical address is within phys_avail,
+ * or checking the virtual address is mapped.
+ */
+#define	PHYS_IN_DMAP_RANGE(pa)	((pa) >= DMAP_MIN_PHYSADDR && \
     (pa) < DMAP_MAX_PHYSADDR)
+#define	PHYS_IN_DMAP(pa)	(PHYS_IN_DMAP_RANGE(pa) && \
+    pmap_klookup(PHYS_TO_DMAP(pa), NULL))
 /* True if va is in the dmap range */
 #define	VIRT_IN_DMAP(va)	((va) >= DMAP_MIN_ADDRESS && \
     (va) < (dmap_max_addr))
@@ -233,7 +245,7 @@
 #define	PMAP_HAS_DMAP	1
 #define	PHYS_TO_DMAP(pa)						\
 ({									\
-	KASSERT(PHYS_IN_DMAP(pa),					\
+	KASSERT(PHYS_IN_DMAP_RANGE(pa),					\
 	    ("%s: PA out of range, PA: 0x%lx", __func__,		\
 	    (vm_paddr_t)(pa)));						\
 	((pa) - dmap_phys_base) + DMAP_MIN_ADDRESS;			\