On Mon, Jun 22, 2020 at 01:27:22AM +0200, Mark Kettenis wrote:
> > Date: Mon, 22 Jun 2020 02:06:39 +0300
> > From: Paul Irofti <[email protected]>
> >
> > On 22 June 2020 00:15:59 EEST, Christian Weisgerber <[email protected]>
> > wrote:
> > >Paul Irofti:
> > >
> > >[Unrelated, just to mark where we're at]
> > >> Right. Just reproduced it here. This moves the check at the top so
> > >that
> > >> each CPU checks its own skew and disables tc_user if necessary.
> > >
> > >I tweaked the patch locally to make _timekeep a visible global
> > >symbol in libc.
> > >
> > >Printing its value has revealed two issues:
> > >
> > >* The timekeep page is mapped to the same address for every process.
> > > It changes across reboots, but once running, it's always the same.
> > > kettenis suggested
> > > - vaddr_t va;
> > > + vaddr_t va = 0;
> > > in exec_timekeep_map(), but that doesn't make a difference.
> >
> > The va is set a few lines down the line. No point in
> > initialization. This is identical behavior to the emul mapping
> > before timekeep.
>
> Well, uvm_map() picks a virtual address based on the value of va that
> is passed in. If it is zero, it picks a random address. If not, it
> uses the value as a hint and tries to pick something nearby. So
> passing in stack garbage is a bad thing.

But uoffset=0 means it is not UVM_UNKNOWN_OFFSET (-1) and we have a
non-NULL uobj, so my understanding is that the va address is ignored in
this case. So it does not need to be initialized. Right?

	if (uvm_map(kernel_map, &va, round_page(timekeep_sz), timekeep_object,
	    0, 0, UVM_MAPFLAG(PROT_READ | PROT_WRITE, PROT_READ | PROT_WRITE,
	    MAP_INHERIT_SHARE, MADV_RANDOM, 0))) {

None the less, I added va=0 in my diff. But I think it is pointless. If
you disagree, then do you OK the following diff?

diff --git sys/kern/kern_exec.c sys/kern/kern_exec.c
index 20480c2fc28..2b2b4f15222 100644
--- sys/kern/kern_exec.c
+++ sys/kern/kern_exec.c
@@ -828,7 +828,7 @@ exec_sigcode_map(struct process *pr, struct emul *e)
extern int sigfillsiz;
extern u_char sigfill[];
size_t off;
- vaddr_t va;
+ vaddr_t va = 0;
int r;
e->e_sigobject = uao_create(sz, 0);
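Review bot: this hunk initializes va in exec_sigcode_map() (the @@ header and the sigfill/e_sigobject context lines place it there), while the message body argues about the uninitialized va in exec_timekeep_map(); if the full diff also carries a hunk for the timekeep uvm_map() call quoted above, it is not shown here, so the diff as posted does not settle the question of whether that call's hint needs initializing. For the hunk itself, "vaddr_t va = 0;" is a one-instruction change that removes any dependence on how uvm_map() treats the incoming hint value, so it is worth keeping whatever the outcome of the uoffset/uobj discussion.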