From 78cc000cbae9913e924aee13ec4fd367cb87336e Mon Sep 17 00:00:00 2001
From: Mark Johnston
Date: Fri, 4 Aug 2023 12:25:50 -0400
Subject: [PATCH] amd64: Increase sanitizers' static shadow memory reservation
Because KASAN shadows the kernel image itself (KMSAN currently does not), a shadow mapping of the boot stack must be created very early during boot. pmap_san_enter() reserves a fixed number of pages for the purpose of creating and mapping this shadow region. After commit 789df254cc9e ("amd64: Use a larger boot stack"), it could happen that this reservation is insufficient; this happens when bootstack crosses a PAGE_SHIFT + KASAN_SHADOW_SCALE_SHIFT boundary. Update the calculation to take into account the new size of the boot stack.
Fixes: 789df254cc9e ("amd64: Use a larger boot stack")
Sponsored by: The FreeBSD Foundation
---
 sys/amd64/amd64/pmap.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/sys/amd64/amd64/pmap.c b/sys/amd64/amd64/pmap.c
index 5bc40bd00a3..5d747e62d37 100644
--- a/sys/amd64/amd64/pmap.c
+++ b/sys/amd64/amd64/pmap.c
@@ -11642,13 +11642,16 @@ pmap_pkru_clear(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
 /*
 * Reserve enough memory to:
 * 1) allocate PDP pages for the shadow map(s),
- * 2) shadow one page of memory, so one PD page, one PT page, and one shadow
- * page per shadow map.
+ * 2) shadow the boot stack of KSTACK_PAGES pages,
+ * so we need one PD page, one or two PT pages, and KSTACK_PAGES shadow pages
+ * per shadow map.
 */
 #ifdef KASAN
-#define SAN_EARLY_PAGES (NKASANPML4E + 3)
+#define SAN_EARLY_PAGES \
+ (NKASANPML4E + 1 + 2 + howmany(KSTACK_PAGES, KASAN_SHADOW_SCALE))
 #else
-#define SAN_EARLY_PAGES (NKMSANSHADPML4E + NKMSANORIGPML4E + 2 * 3)
+#define SAN_EARLY_PAGES \
+ (NKMSANSHADPML4E + NKMSANORIGPML4E + 2 * (1 + 2 + KSTACK_PAGES))
 #endif

 static uint64_t __nosanitizeaddress __nosanitizememory
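Review bot: The rewritten comment says each shadow map needs "KSTACK_PAGES shadow pages", but the KASAN branch of `SAN_EARLY_PAGES` reserves `howmany(KSTACK_PAGES, KASAN_SHADOW_SCALE)`, so the comment describes only the KMSAN branch. The KASAN term is also exact only when the boot stack's shadow starts on a page boundary. The commit message names a stack crossing a PAGE_SHIFT + KASAN_SHADOW_SCALE_SHIFT boundary as the failing case, where one more shadow page would be touched; this is presumably absorbed by the spare PT page in `1 + 2`, but the comment does not say so. I would document it, e.g. `* KASAN: howmany(KSTACK_PAGES, KASAN_SHADOW_SCALE) shadow pages, plus one if the stack straddles a shadow-page boundary`, and state the alignment assumption the budget relies on. The function that consumes this reservation starts on the hunk's last line and continues outside it, so how exhaustion is handled cannot be checked from here.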