d1d9b366cd
pmap_change_wiring(...,FALSE) unless the map entry claims the address is unwired. This fixes the following scenario, as described on tech-kern@netbsd.org on Wed 6/16/1999 12:25:23: - User mlock(2)'s a buffer, to guarantee it will never become non-resident while he is using it. - User then does physio to that buffer. Physio calls uvm_vslock() to lock down the pages and ensure that page faults do not happen while the I/O is in progress (possibly in interrupt context). - Physio does the I/O. - Physio calls uvm_vsunlock(). This calls uvm_fault_unwire(). >>> HERE IS WHERE THE PROBLEM OCCURS <<< uvm_fault_unwire() calls pmap_change_wiring(..., FALSE), which now gives the pmap free reign to recycle the mapping information for that page, which is illegal; the mapping is still wired (due to the mlock(2)), but now access of the page could cause a non-protection page fault (disallowed). NOTE: This could eventually lead to a panic when the user subsequently munlock(2)'s the buffer and the mapping info has been recycled for use by another mapping! |
||
|---|---|---|
| bin | ||
| distrib | ||
| etc | ||
| games | ||
| gnu | ||
| include | ||
| lib | ||
| libexec | ||
| regress | ||
| sbin | ||
| share | ||
| sys | ||
| usr.bin | ||
| usr.sbin | ||
| Makefile | ||