From f097e051b0b999b571a1690ed3900f687abba935 Mon Sep 17 00:00:00 2001 From: George Koehler Date: Mon, 7 Feb 2022 23:20:10 +0000 Subject: Allow writes to rw pages in pte_spill_v In the powerpc pmap, hash collisions can spill page table entries. Page faults can use pte_spill_v to reinsert a spilled pte. If the fault is a write (DSISR_STORE), then pte_spill_v tries to check for a read-only page. The existing check (pte_lo & PTE_RO_64) also matched rw pages, because PTE_RO_64 is 3 and PTE_RW_64 is 2. This caused pte_spill_v to deny writes to rw pages. Then uvm_fault might allow the write; but uvm_fault can't handle some pages in the kernel. Such faults caused, "panic: uvm_fault: fault on non-pageable map", or "panic: trap type 300". Change it to ((pte_lo & PTE_PP_64) == PTE_RO_64). This seems to fix one reason why bsd.mp on a macppc dual G5 might panic. ok kettenis@ miod@ --- sys/arch/powerpc/powerpc/pmap.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'sys/arch/powerpc') diff --git a/sys/arch/powerpc/powerpc/pmap.c b/sys/arch/powerpc/powerpc/pmap.c index 3a01cd508ac..fae4c8c20cf 100644 --- a/sys/arch/powerpc/powerpc/pmap.c +++ b/sys/arch/powerpc/powerpc/pmap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmap.c,v 1.175 2021/03/15 15:49:22 deraadt Exp $ */ +/* $OpenBSD: pmap.c,v 1.176 2022/02/07 23:20:09 gkoehler Exp $ */ /* * Copyright (c) 2015 Martin Pieuchot @@ -2277,10 +2277,12 @@ pte_spill_v(pmap_t pm, u_int32_t va, u_int32_t dsisr, int exec_fault) /* Attempted to write a read-only page. */ if (dsisr & DSISR_STORE) { if (ppc_proc_is_64b) { - if (pted->p.pted_pte64.pte_lo & PTE_RO_64) + if ((pted->p.pted_pte64.pte_lo & PTE_PP_64) == + PTE_RO_64) goto out; } else { - if (pted->p.pted_pte32.pte_lo & PTE_RO_32) + if ((pted->p.pted_pte32.pte_lo & PTE_PP_32) == + PTE_RO_32) goto out; } } -- cgit v1.2.3