From 410af4c04b2e2e6ce6b6dc875d73785c1427eb3d Mon Sep 17 00:00:00 2001
From: mpi <mpi@openbsd.org>
Date: Fri, 5 Jun 2015 09:09:58 +0000
Subject: [PATCH] Remove the MANAGED flag when removing a PV entry.

Even if this change is not strickly needed, because the memory will be
returned to the pool it helped me track the use-after-free.
---
 sys/arch/powerpc/powerpc/pmap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/arch/powerpc/powerpc/pmap.c b/sys/arch/powerpc/powerpc/pmap.c
index ed07862fc13..92cd81c0a9d 100644
--- a/sys/arch/powerpc/powerpc/pmap.c
+++ b/sys/arch/powerpc/powerpc/pmap.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pmap.c,v 1.146 2015/06/05 09:05:35 mpi Exp $ */
+/*	$OpenBSD: pmap.c,v 1.147 2015/06/05 09:09:58 mpi Exp $ */
 
 /*
  * Copyright (c) 2001, 2002, 2007 Dale Rahn.
@@ -498,6 +498,7 @@ pmap_enter_pv(struct pte_desc *pted, struct vm_page *pg)
 void
 pmap_remove_pv(struct pte_desc *pted)
 {
+	pted->pted_va &= ~PTED_VA_MANAGED_M;
 	LIST_REMOVE(pted, pted_pv_list);
 }
 
-- 
2.20.1