From owner-p4-projects@FreeBSD.ORG Mon Sep 27 20:10:08 2010
Date: Mon, 27 Sep 2010 20:10:06 GMT
Message-Id: <201009272010.o8RKA6NZ036484@skunkworks.freebsd.org>
From: John Baldwin
To: Perforce Change Reviews
Subject: PERFORCE change 184245 for review
List-Id: p4 projects tree changes

http://p4web.freebsd.org/@@184245?ac=10

Change 184245 by jhb@jhb_jhbbsd on 2010/09/27 20:09:12

	Possible fix for early memory corruption in the VM86 code reported by bde@.

Affected files ...

.. //depot/projects/smpng/sys/i386/i386/vm86.c#24 edit
.. //depot/projects/smpng/sys/i386/include/pmap.h#51 edit

Differences ...

==== //depot/projects/smpng/sys/i386/i386/vm86.c#24 (text+ko) ====
@@ -592,7 +592,7 @@ mtx_lock(&vm86_lock); for (i = 0; i < vmc->npages; i++) { - page = vtophys(vmc->pmap[i].kva & PG_FRAME); + page = pmap_kextract_early(vmc->pmap[i].kva & PG_FRAME); entry = vmc->pmap[i].pte_num; vmc->pmap[i].old_pte = pte[entry]; pte[entry] = page | PG_V | PG_RW | PG_U; ==== //depot/projects/smpng/sys/i386/include/pmap.h#51 (text+ko) ==== @@ -302,6 +302,29 @@ return (pa); } +/* + * A version of pmap_kextract() that is safe to call before + * pmap_bootstrap(). This is used in vm86_datacall(). If + * pmap_bootstrap() has not been called, then KPTmap is not yet + * initialized, so fall back to using vtopte() instead. + */ +static __inline vm_paddr_t +pmap_kextract_early(vm_offset_t va) +{ + vm_paddr_t pa; + + if ((pa = PTD[va >> PDRSHIFT]) & PG_PS) { + pa = (pa & PG_PS_FRAME) | (va & PDRMASK); + } else { + if (KPTmap == NULL) + pa = *vtopte(va); + else + pa = KPTmap[i386_btop(va)]; + pa = (pa & PG_FRAME) | (va & PAGE_MASK); + } + return (pa); +} + #define PT_UPDATES_FLUSH() #endif
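Review bot: In the vm86.c hunk, the replacement of vtophys() with pmap_kextract_early() at the `page = ...` line carries no comment at the call site, so a later reader has no hint that this loop can run before pmap_bootstrap() and may switch it back. A one-line comment above the assignment would prevent that. The translated value is also installed directly as `page | PG_V | PG_RW | PG_U` with no check that the translation succeeded, so a wrong result becomes a user-accessible, writable mapping; an assertion on `page` before the PTE is written would make a bad translation fail loudly instead of corrupting memory.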
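Review bot: In the pmap.h hunk, pmap_kextract_early() never tests PG_V on the entry it reads, neither on `PTD[va >> PDRSHIFT]` nor on the PTE taken from `*vtopte(va)` or `KPTmap[i386_btop(va)]`, so an unmapped va returns an address assembled from a non-present entry rather than a recognizable failure. Since the caller builds a PG_U mapping from the result, a KASSERT on PG_V (or a documented zero return) would be worth adding. The `KPTmap == NULL` test is also used as the stand-in for "pmap_bootstrap() has not been called"; the block comment should say that this relies on KPTmap being NULL until bootstrap assigns it, since "not yet initialized" alone does not guarantee that.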