Always clear L1 PTE descriptor when removing superpage on ARM

Invalidate L1 PTE regardles of existance of the corresponding
l2_bucket. This is relevant when superpage is entered via
pmap_enter_object() and will fix crash on entering page
in place of not properly removed superpage.
This commit is contained in:
zbb 2014-02-15 13:13:00 +00:00
parent ca6b9bbd7f
commit 2edbe39b71
2 changed files with 8 additions and 6 deletions
sys/arm
arm
include

@ -3700,13 +3700,14 @@ pmap_remove_section(pmap_t pmap, vm_offset_t sva)
KASSERT(l2b->l2b_occupancy == L2_PTE_NUM_TOTAL,
("pmap_remove_section: l2_bucket occupancy error"));
pmap_free_l2_bucket(pmap, l2b, L2_PTE_NUM_TOTAL);
/*
* Now invalidate L1 slot as it was not invalidated in
* pmap_free_l2_bucket() due to L1_TYPE mismatch.
*/
*pl1pd = 0;
PTE_SYNC(pl1pd);
}
/* Now invalidate L1 slot */
*pl1pd = 0;
PTE_SYNC(pl1pd);
if (L1_S_EXECUTABLE(l1pd))
cpu_tlb_flushID_SE(sva);
else
cpu_tlb_flushD_SE(sva);
}
/*

@ -527,6 +527,7 @@ extern int pmap_needs_pte_sync;
#define L1_S_PROT_MASK (L1_S_PROT_W|L1_S_PROT_U)
#define L1_S_REF (L1_S_AP(AP_REF)) /* Reference flag */
#define L1_S_WRITABLE(pd) (!((pd) & L1_S_PROT_W))
#define L1_S_EXECUTABLE(pd) (!((pd) & L1_S_XN))
#define L1_S_REFERENCED(pd) ((pd) & L1_S_REF)
#define L1_S_PROT(ku, pr) (((((ku) == PTE_KERNEL) ? 0 : L1_S_PROT_U) | \