emulators/virtualbox-ose-kmod: Fix a pair of VM bugs

- Use vm_pager_allocate() to allocate OBJT_PHYS objects.  This ensures
  that they're initialized properly.
- Don't assume that user wiring will succeed.

This had been a team effort, with multiple independent reports,
a wide variety of experiments, and patches written by kib@
and refined by markj@.

I'm bumping PORTREVISION and aligning the revision of both kmod and
application; it's possible the application bump isn't actually
needed but let's make sure they both get rebuilt with this
important (because of changed kernel assumptions) fix.

PR:		249326
Submitted by:	kib, markj
Reported by:	adridg, Rainer Hurling
Reviewed by:	adridg
Approved by:	koobs (vbox)
MFH:		2020Q3

emulators/virtualbox-ose-kmod/Makefile

@@ -3,7 +3,7 @@
 
 PORTNAME=	virtualbox-ose
 PORTVERSION=	5.2.44
-PORTREVISION=	1
+PORTREVISION=	3
 CATEGORIES=	emulators
 MASTER_SITES=	https://download.oracle.com/virtualbox/${PORTVERSION}/
 PKGNAMESUFFIX=	-kmod

emulators/virtualbox-ose/Makefile

@@ -3,7 +3,7 @@
 
 PORTNAME=	virtualbox-ose
 PORTVERSION=	5.2.44
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	emulators
 MASTER_SITES=	https://download.oracle.com/virtualbox/${PORTVERSION}/
 DISTFILES=	VirtualBox-${PORTVERSION}${EXTRACT_SUFX} ${GUESTADDITIONS}

emulators/virtualbox-ose/files/patch-src_VBox_Runtime_r0drv_freebsd_memobj-r0drv-freebsd.c

@@ -1,4 +1,4 @@
---- src/VBox/Runtime/r0drv/freebsd/memobj-r0drv-freebsd.c.orig	2018-10-15 14:31:31 UTC
+--- src/VBox/Runtime/r0drv/freebsd/memobj-r0drv-freebsd.c.orig	2020-07-09 16:57:38 UTC
 +++ src/VBox/Runtime/r0drv/freebsd/memobj-r0drv-freebsd.c
 @@ -105,6 +105,7 @@ static vm_map_t rtR0MemObjFreeBSDGetMap(PRTR0MEMOBJINT
  
@@ -114,7 +114,17 @@
                  vm_page_unlock_queues();
  #endif
              }
-@@ -364,58 +364,77 @@ static int rtR0MemObjFreeBSDAllocHelper(PRTR0MEMOBJFRE
+@@ -323,7 +323,8 @@ static int rtR0MemObjFreeBSDAllocHelper(PRTR0MEMOBJFRE
+     size_t      cPages = atop(pMemFreeBSD->Core.cb);
+     int         rc;
+ 
+-    pMemFreeBSD->pObject = vm_object_allocate(OBJT_PHYS, cPages);
++    pMemFreeBSD->pObject = vm_pager_allocate(OBJT_PHYS, NULL,
++        pMemFreeBSD->Core.cb, VM_PROT_ALL, 0, curthread->td_ucred);
+ 
+     /* No additional object reference for auto-deallocation upon unmapping. */
+ #if __FreeBSD_version >= 1000055
+@@ -364,58 +365,77 @@ static int rtR0MemObjFreeBSDAllocHelper(PRTR0MEMOBJFRE
  }
  DECLHIDDEN(int) rtR0MemObjNativeAllocPage(PPRTR0MEMOBJINTERNAL ppMem, size_t cb, bool fExecutable)
  {
@@ -192,7 +202,7 @@
      return rc;
  }
  
-@@ -425,6 +444,7 @@ static int rtR0MemObjFreeBSDAllocPhysPages(PPRTR0MEMOB
+@@ -425,6 +445,7 @@ static int rtR0MemObjFreeBSDAllocPhysPages(PPRTR0MEMOB
                                             RTHCPHYS PhysHighest, size_t uAlignment,
                                             bool fContiguous, int rcNoMem)
  {
@@ -200,7 +210,7 @@
      uint32_t   cPages = atop(cb);
      vm_paddr_t VmPhysAddrHigh;
  
-@@ -432,7 +452,10 @@ static int rtR0MemObjFreeBSDAllocPhysPages(PPRTR0MEMOB
+@@ -432,9 +453,13 @@ static int rtR0MemObjFreeBSDAllocPhysPages(PPRTR0MEMOB
      PRTR0MEMOBJFREEBSD pMemFreeBSD = (PRTR0MEMOBJFREEBSD)rtR0MemObjNew(sizeof(*pMemFreeBSD),
                                                                         enmType, NULL, cb);
      if (!pMemFreeBSD)
@@ -209,9 +219,13 @@
          return VERR_NO_MEMORY;
 +    }
  
-     pMemFreeBSD->pObject = vm_object_allocate(OBJT_PHYS, atop(cb));
+-    pMemFreeBSD->pObject = vm_object_allocate(OBJT_PHYS, atop(cb));
++    pMemFreeBSD->pObject = vm_pager_allocate(OBJT_PHYS, NULL,
++        pMemFreeBSD->Core.cb, VM_PROT_ALL, 0, curthread->td_ucred);
  
-@@ -470,6 +493,7 @@ static int rtR0MemObjFreeBSDAllocPhysPages(PPRTR0MEMOB
+     if (PhysHighest != NIL_RTHCPHYS)
+         VmPhysAddrHigh = PhysHighest;
+@@ -470,6 +495,7 @@ static int rtR0MemObjFreeBSDAllocPhysPages(PPRTR0MEMOB
          rtR0MemObjDelete(&pMemFreeBSD->Core);
      }
  
@@ -219,7 +233,7 @@
      return rc;
  }
  
-@@ -489,17 +513,22 @@ DECLHIDDEN(int) rtR0MemObjNativeAllocPhysNC(PPRTR0MEMO
+@@ -489,17 +515,22 @@ DECLHIDDEN(int) rtR0MemObjNativeAllocPhysNC(PPRTR0MEMO
  DECLHIDDEN(int) rtR0MemObjNativeEnterPhys(PPRTR0MEMOBJINTERNAL ppMem, RTHCPHYS Phys, size_t cb, uint32_t uCachePolicy)
  {
      AssertReturn(uCachePolicy == RTMEM_CACHE_POLICY_DONT_CARE, VERR_NOT_SUPPORTED);
@@ -242,7 +256,7 @@
      return VINF_SUCCESS;
  }
  
-@@ -511,6 +540,7 @@ static int rtR0MemObjNativeLockInMap(PPRTR0MEMOBJINTER
+@@ -511,6 +542,7 @@ static int rtR0MemObjNativeLockInMap(PPRTR0MEMOBJINTER
                                       vm_offset_t AddrStart, size_t cb, uint32_t fAccess,
                                       RTR0PROCESS R0Process, int fFlags)
  {
@@ -250,7 +264,7 @@
      int rc;
      NOREF(fAccess);
  
-@@ -519,21 +549,28 @@ static int rtR0MemObjNativeLockInMap(PPRTR0MEMOBJINTER
+@@ -519,21 +551,28 @@ static int rtR0MemObjNativeLockInMap(PPRTR0MEMOBJINTER
      if (!pMemFreeBSD)
          return VERR_NO_MEMORY;
  
@@ -287,7 +301,7 @@
      return VERR_NO_MEMORY;/** @todo fix mach -> vbox error conversion for freebsd. */
  }
  
-@@ -569,6 +606,7 @@ DECLHIDDEN(int) rtR0MemObjNativeLockKernel(PPRTR0MEMOB
+@@ -569,6 +608,7 @@ DECLHIDDEN(int) rtR0MemObjNativeLockKernel(PPRTR0MEMOB
   */
  static int rtR0MemObjNativeReserveInMap(PPRTR0MEMOBJINTERNAL ppMem, void *pvFixed, size_t cb, size_t uAlignment, RTR0PROCESS R0Process, vm_map_t pMap)
  {
@@ -295,7 +309,7 @@
      int rc;
  
      /*
-@@ -626,11 +664,13 @@ static int rtR0MemObjNativeReserveInMap(PPRTR0MEMOBJIN
+@@ -626,11 +666,13 @@ static int rtR0MemObjNativeReserveInMap(PPRTR0MEMOBJIN
          pMemFreeBSD->Core.pv = (void *)MapAddress;
          pMemFreeBSD->Core.u.ResVirt.R0Process = R0Process;
          *ppMem = &pMemFreeBSD->Core;
@@ -309,7 +323,7 @@
      return rc;
  
  }
-@@ -652,6 +692,8 @@ DECLHIDDEN(int) rtR0MemObjNativeReserveUser(PPRTR0MEMO
+@@ -652,6 +694,8 @@ DECLHIDDEN(int) rtR0MemObjNativeReserveUser(PPRTR0MEMO
  DECLHIDDEN(int) rtR0MemObjNativeMapKernel(PPRTR0MEMOBJINTERNAL ppMem, RTR0MEMOBJ pMemToMap, void *pvFixed, size_t uAlignment,
                                            unsigned fProt, size_t offSub, size_t cbSub)
  {
@@ -318,7 +332,7 @@
  //  AssertMsgReturn(!offSub && !cbSub, ("%#x %#x\n", offSub, cbSub), VERR_NOT_SUPPORTED);
      AssertMsgReturn(pvFixed == (void *)-1, ("%p\n", pvFixed), VERR_NOT_SUPPORTED);
  
-@@ -707,6 +749,7 @@ DECLHIDDEN(int) rtR0MemObjNativeMapKernel(PPRTR0MEMOBJ
+@@ -707,6 +751,7 @@ DECLHIDDEN(int) rtR0MemObjNativeMapKernel(PPRTR0MEMOBJ
              Assert((vm_offset_t)pMemFreeBSD->Core.pv == Addr);
              pMemFreeBSD->Core.u.Mapping.R0Process = NIL_RTR0PROCESS;
              *ppMem = &pMemFreeBSD->Core;
@@ -326,7 +340,7 @@
              return VINF_SUCCESS;
          }
          rc = vm_map_remove(kernel_map, Addr, Addr + cbSub);
-@@ -715,6 +758,7 @@ DECLHIDDEN(int) rtR0MemObjNativeMapKernel(PPRTR0MEMOBJ
+@@ -715,6 +760,7 @@ DECLHIDDEN(int) rtR0MemObjNativeMapKernel(PPRTR0MEMOBJ
      else
          vm_object_deallocate(pMemToMapFreeBSD->pObject);
  
@@ -334,7 +348,7 @@
      return VERR_NO_MEMORY;
  }
  
-@@ -722,6 +766,8 @@ DECLHIDDEN(int) rtR0MemObjNativeMapKernel(PPRTR0MEMOBJ
+@@ -722,6 +768,8 @@ DECLHIDDEN(int) rtR0MemObjNativeMapKernel(PPRTR0MEMOBJ
  DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJINTERNAL ppMem, RTR0MEMOBJ pMemToMap, RTR3PTR R3PtrFixed, size_t uAlignment,
                                          unsigned fProt, RTR0PROCESS R0Process)
  {
@@ -343,7 +357,7 @@
      /*
       * Check for unsupported stuff.
       */
-@@ -751,7 +797,12 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJIN
+@@ -751,7 +799,12 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJIN
      {
          /** @todo is this needed?. */
          PROC_LOCK(pProc);
@@ -357,7 +371,20 @@
          PROC_UNLOCK(pProc);
      }
      else
-@@ -793,6 +844,7 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJIN
+@@ -774,10 +827,9 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJIN
+                      0);                    /* copy-on-write and similar flags */
+ 
+     if (rc == KERN_SUCCESS)
+-    {
+         rc = vm_map_wire(pProcMap, AddrR3, AddrR3 + pMemToMap->cb, VM_MAP_WIRE_USER|VM_MAP_WIRE_NOHOLES);
+-        AssertMsg(rc == KERN_SUCCESS, ("%#x\n", rc));
+-
++    if (rc == KERN_SUCCESS)
++    {
+         rc = vm_map_inherit(pProcMap, AddrR3, AddrR3 + pMemToMap->cb, VM_INHERIT_SHARE);
+         AssertMsg(rc == KERN_SUCCESS, ("%#x\n", rc));
+ 
+@@ -793,6 +845,7 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJIN
              Assert((vm_offset_t)pMemFreeBSD->Core.pv == AddrR3);
              pMemFreeBSD->Core.u.Mapping.R0Process = R0Process;
              *ppMem = &pMemFreeBSD->Core;
@@ -365,7 +392,7 @@
              return VINF_SUCCESS;
          }
  
-@@ -802,19 +854,25 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJIN
+@@ -802,19 +855,25 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser(PPRTR0MEMOBJIN
      else
          vm_object_deallocate(pMemToMapFreeBSD->pObject);
  
@@ -391,7 +418,7 @@
  
      if ((fProt & RTMEM_PROT_NONE) == RTMEM_PROT_NONE)
          ProtectionFlags = VM_PROT_NONE;
-@@ -826,6 +884,7 @@ DECLHIDDEN(int) rtR0MemObjNativeProtect(PRTR0MEMOBJINT
+@@ -826,6 +885,7 @@ DECLHIDDEN(int) rtR0MemObjNativeProtect(PRTR0MEMOBJINT
          ProtectionFlags |= VM_PROT_EXECUTE;
  
      int krc = vm_map_protect(pVmMap, AddrStart, AddrEnd, ProtectionFlags, FALSE);
@@ -399,7 +426,7 @@
      if (krc == KERN_SUCCESS)
          return VINF_SUCCESS;
  
-@@ -850,11 +909,19 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
+@@ -850,11 +910,19 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
  
              vm_offset_t pb = (vm_offset_t)pMemFreeBSD->Core.pv + ptoa(iPage);
  
@@ -423,7 +450,7 @@
          }
  
          case RTR0MEMOBJTYPE_MAPPING:
-@@ -863,11 +930,15 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
+@@ -863,11 +931,15 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
  
              if (pMemFreeBSD->Core.u.Mapping.R0Process != NIL_RTR0PROCESS)
              {
@@ -440,7 +467,7 @@
              }
              return vtophys(pb);
          }
-@@ -877,6 +948,7 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
+@@ -877,6 +949,7 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
          case RTR0MEMOBJTYPE_PHYS_NC:
          {
              RTHCPHYS addr;
@@ -448,7 +475,7 @@
  #if __FreeBSD_version >= 1000030
              VM_OBJECT_WLOCK(pMemFreeBSD->pObject);
  #else
-@@ -888,6 +960,7 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
+@@ -888,6 +961,7 @@ DECLHIDDEN(RTHCPHYS) rtR0MemObjNativeGetPagePhysAddr(P
  #else
              VM_OBJECT_UNLOCK(pMemFreeBSD->pObject);
  #endif

emulators/virtualbox-ose/files/patch-src_VBox_Runtime_r0drv_freebsd_the-freebsd-kernel.h

@@ -1,4 +1,4 @@
---- src/VBox/Runtime/r0drv/freebsd/the-freebsd-kernel.h.orig	2018-10-15 14:31:31 UTC
+--- src/VBox/Runtime/r0drv/freebsd/the-freebsd-kernel.h.orig	2020-07-09 16:57:38 UTC
 +++ src/VBox/Runtime/r0drv/freebsd/the-freebsd-kernel.h
 @@ -60,6 +60,7 @@
  #include <sys/smp.h>
@@ -8,7 +8,11 @@
  #include <vm/vm.h>
  #include <vm/pmap.h>            /* for vtophys */
  #include <vm/vm_map.h>
-@@ -70,7 +71,6 @@
+@@ -67,10 +68,10 @@
+ #include <vm/vm_kern.h>
+ #include <vm/vm_param.h>        /* KERN_SUCCESS ++ */
+ #include <vm/vm_page.h>
++#include <vm/vm_pager.h>
  #include <vm/vm_phys.h>         /* vm_phys_alloc_* */
  #include <vm/vm_extern.h>       /* kmem_alloc_attr */
  #include <vm/vm_pageout.h>      /* vm_contig_grow_cache */
@@ -16,7 +20,7 @@
  #include <sys/resourcevar.h>
  #include <machine/cpu.h>
  
-@@ -114,6 +114,24 @@
+@@ -114,6 +115,24 @@
   */
  #if 0 /** @todo Not available yet. */
  # define USE_KMEM_ALLOC_PROT