From 5aa5420ff2e8cfdcfb16316a8978db185f8891a2 Mon Sep 17 00:00:00 2001
From: Mark Johnston <markj@FreeBSD.org>
Date: Sat, 29 Feb 2020 18:41:48 +0000
Subject: [PATCH] Ensure that arm64 thread structures are allocated from the
 direct map.

Otherwise we can fail to handle translation faults on curthread, leading
to a panic.

Reviewed by:	alc, rlibby
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23895
---
 sys/kern/kern_thread.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/sys/kern/kern_thread.c b/sys/kern/kern_thread.c
index e234b4056a18..2169c4b2697e 100644
--- a/sys/kern/kern_thread.c
+++ b/sys/kern/kern_thread.c
@@ -331,6 +331,7 @@ proc_linkup(struct proc *p, struct thread *td)
 void
 threadinit(void)
 {
+	uint32_t flags;
 
 	mtx_init(&tid_lock, "TID lock", NULL, MTX_DEF);
 
@@ -340,9 +341,20 @@ threadinit(void)
 	 */
 	tid_unrhdr = new_unrhdr(PID_MAX + 2, INT_MAX, &tid_lock);
 
+	flags = UMA_ZONE_NOFREE;
+#ifdef __aarch64__
+	/*
+	 * Force thread structures to be allocated from the direct map.
+	 * Otherwise, superpage promotions and demotions may temporarily
+	 * invalidate thread structure mappings.  For most dynamically allocated
+	 * structures this is not a problem, but translation faults cannot be
+	 * handled without accessing curthread.
+	 */
+	flags |= UMA_ZONE_CONTIG;
+#endif
 	thread_zone = uma_zcreate("THREAD", sched_sizeof_thread(),
 	    thread_ctor, thread_dtor, thread_init, thread_fini,
-	    32 - 1, UMA_ZONE_NOFREE);
+	    32 - 1, flags);
 	tidhashtbl = hashinit(maxproc / 2, M_TIDHASH, &tidhash);
 	rw_init(&tidhash_lock, "tidhash");
 }