amd64: Increase sanitizers' static shadow memory reservation

Because KASAN shadows the kernel image itself (KMSAN currently does not), a shadow mapping of the boot stack must be created very early during boot. pmap_san_enter() reserves a fixed number of pages for the purpose of creating and mapping this shadow region. After commit 789df254cc ("amd64: Use a larger boot stack"), it could happen that this reservation is insufficient; this happens when bootstack crosses a PAGE_SHIFT + KASAN_SHADOW_SCALE_SHIFT boundary. Update the calculation to take into account the new size of the boot stack. Fixes: 789df254cc ("amd64: Use a larger boot stack") Sponsored by: The FreeBSD Foundation
2026-06-04 22:32:43 -04:00 · 2023-08-04 12:25:50 -04:00 · 2023-08-04 12:25:50 -04:00 · 78cc000cba
commit 78cc000cba
parent 9c2823bae9
1 changed files with 7 additions and 4 deletions
--- a/sys/amd64/amd64/pmap.c
+++ b/sys/amd64/amd64/pmap.c
@ -11642,13 +11642,16 @@ pmap_pkru_clear(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
 /*
 * Reserve enough memory to:
 * 1) allocate PDP pages for the shadow map(s),
- * 2) shadow one page of memory, so one PD page, one PT page, and one shadow
- *    page per shadow map.
+ * 2) shadow the boot stack of KSTACK_PAGES pages,
+ * so we need one PD page, one or two PT pages, and KSTACK_PAGES shadow pages
+ * per shadow map.
 */
 #ifdef KASAN
-#define	SAN_EARLY_PAGES	(NKASANPML4E + 3)
+#define	SAN_EARLY_PAGES	\
+	(NKASANPML4E + 1 + 2 + howmany(KSTACK_PAGES, KASAN_SHADOW_SCALE))
 #else
-#define	SAN_EARLY_PAGES	(NKMSANSHADPML4E + NKMSANORIGPML4E + 2 * 3)
+#define	SAN_EARLY_PAGES	\
+	(NKMSANSHADPML4E + NKMSANORIGPML4E + 2 * (1 + 2 + KSTACK_PAGES))
 #endif

 static uint64_t __nosanitizeaddress __nosanitizememory