Novk=?utf-8?Q?ovi=C4=87?= Subject: git: 4f7436bf297b - stable/15 - amd64/vmm.c: Fix an incorrect memory segment check in vm_iommu_{un}map List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bnovkov X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 4f7436bf297b93fd9e835ffca3d56288ce934dc5 Auto-Submitted: auto-generated Date: Mon, 15 Dec 2025 15:47:23 +0000 Message-Id: <69402d8b.3ea6c.4c5a3e49@gitrepo.freebsd.org> The branch stable/15 has been updated by bnovkov: URL: https://cgit.FreeBSD.org/src/commit/?id=4f7436bf297b93fd9e835ffca3d56288ce934dc5 commit 4f7436bf297b93fd9e835ffca3d56288ce934dc5 Author: Bojan Novković AuthorDate: 2025-12-13 14:53:45 +0000 Commit: Bojan Novković CommitDate: 2025-12-15 15:47:00 +0000 amd64/vmm.c: Fix an incorrect memory segment check in vm_iommu_{un}map This change fixes two checks that conflated memory mapping and memory segment idenitifers. In both cases the code iterates over all memory mappings but passes the index to `vm_memseg_sysmem`, which is wrong. Fix this by passing the memory mapping's segment identifier instead. Differential Revision: https://reviews.freebsd.org/D54210 Reviewed by: markj Fixes: c76c2a19ae37 PR: 290920 (cherry picked from commit f1809eab82a796845f126b703c01d4a31ccf2193) --- sys/amd64/vmm/vmm.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sys/amd64/vmm/vmm.c b/sys/amd64/vmm/vmm.c index 6dfa33adf63c..5cb2776fe917 100644 --- a/sys/amd64/vmm/vmm.c +++ b/sys/amd64/vmm/vmm.c @@ -657,10 +657,10 @@ vm_iommu_map(struct vm *vm) pmap = vmspace_pmap(vm_vmspace(vm)); for (i = 0; i < VM_MAX_MEMMAPS; i++) { - if (!vm_memseg_sysmem(vm, i)) + mm = &vm->mem.mem_maps[i]; + if (!vm_memseg_sysmem(vm, mm->segid)) continue; - mm = &vm->mem.mem_maps[i]; KASSERT((mm->flags & VM_MEMMAP_F_IOMMU) == 0, ("iommu map found invalid memmap %#lx/%#lx/%#x", mm->gpa, mm->len, mm->flags)); @@ -705,10 +705,10 @@ vm_iommu_unmap(struct vm *vm) sx_assert(&vm->mem.mem_segs_lock, SX_LOCKED); for (i = 0; i < VM_MAX_MEMMAPS; i++) { - if (!vm_memseg_sysmem(vm, i)) + mm = &vm->mem.mem_maps[i]; + if (!vm_memseg_sysmem(vm, mm->segid)) continue; - mm = &vm->mem.mem_maps[i]; if ((mm->flags & VM_MEMMAP_F_IOMMU) == 0) continue; mm->flags &= ~VM_MEMMAP_F_IOMMU;