- add new RLIMIT_AS (aka RLIMIT_VMEM) resource that limits the total
address space available to processes. this limit exists in most other
modern unix variants, and like most of them, our defaults are unlimited.
remove the old mmap / rlimit.datasize hack.
- adds the VMCMD_STACK flag to all the stack-creation vmcmd callers.
it is currently unused, but was added a few years ago.
- add a pair of new process size values to kinfo_proc2{}. one is the
total size of the process memory map, and the other is the total size
adjusted for unused stack space (since most processes have a lot of
this...)
- patch sh, and csh to notice RLIMIT_AS. (in some cases, the alias
RLIMIT_VMEM was already present and used if availble.)
- patch ps, top and systat to notice the new k_vm_vsize member of
kinfo_proc2{}.
- update irix, svr4, svr4_32, linux and osf1 emulations to support
this information. (freebsd could be done, but that it's best left
as part of the full-update of compat/freebsd.)
this addresses PR 7897. it also gives correct memory usage values,
which have never been entirely correct (since mmap), and have been
very incorrect since jemalloc() was enabled.
tested on i386 and sparc64, build tested on several other platforms.
thanks to many folks for feedback and testing but most espcially
chuq and yamt for critical suggestions that lead to this patch not
having a special ugliness i wasn't happy with anyway :-)
2009-03-29 05:02:48 +04:00
|
|
|
/* $NetBSD: uvm_mmap.c,v 1.128 2009/03/29 01:02:51 mrg Exp $ */
|
1998-02-05 09:25:08 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Copyright (c) 1997 Charles D. Cranor and Washington University.
|
2001-05-25 08:06:11 +04:00
|
|
|
* Copyright (c) 1991, 1993 The Regents of the University of California.
|
1998-02-05 09:25:08 +03:00
|
|
|
* Copyright (c) 1988 University of Utah.
|
2001-05-25 08:06:11 +04:00
|
|
|
*
|
1998-02-05 09:25:08 +03:00
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* This code is derived from software contributed to Berkeley by
|
|
|
|
* the Systems Programming Group of the University of Utah Computer
|
|
|
|
* Science Department.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
|
|
* must display the following acknowledgement:
|
|
|
|
* This product includes software developed by the Charles D. Cranor,
|
2001-05-25 08:06:11 +04:00
|
|
|
* Washington University, University of California, Berkeley and
|
1998-02-05 09:25:08 +03:00
|
|
|
* its contributors.
|
|
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* from: Utah $Hdr: vm_mmap.c 1.6 91/10/21$
|
|
|
|
* @(#)vm_mmap.c 8.5 (Berkeley) 5/19/94
|
1998-02-07 14:07:38 +03:00
|
|
|
* from: Id: uvm_mmap.c,v 1.1.2.14 1998/01/05 21:04:26 chuck Exp
|
1998-02-05 09:25:08 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* uvm_mmap.c: system call interface into VM system, plus kernel vm_mmap
|
|
|
|
* function.
|
|
|
|
*/
|
2001-11-10 10:36:59 +03:00
|
|
|
|
|
|
|
#include <sys/cdefs.h>
|
- add new RLIMIT_AS (aka RLIMIT_VMEM) resource that limits the total
address space available to processes. this limit exists in most other
modern unix variants, and like most of them, our defaults are unlimited.
remove the old mmap / rlimit.datasize hack.
- adds the VMCMD_STACK flag to all the stack-creation vmcmd callers.
it is currently unused, but was added a few years ago.
- add a pair of new process size values to kinfo_proc2{}. one is the
total size of the process memory map, and the other is the total size
adjusted for unused stack space (since most processes have a lot of
this...)
- patch sh, and csh to notice RLIMIT_AS. (in some cases, the alias
RLIMIT_VMEM was already present and used if availble.)
- patch ps, top and systat to notice the new k_vm_vsize member of
kinfo_proc2{}.
- update irix, svr4, svr4_32, linux and osf1 emulations to support
this information. (freebsd could be done, but that it's best left
as part of the full-update of compat/freebsd.)
this addresses PR 7897. it also gives correct memory usage values,
which have never been entirely correct (since mmap), and have been
very incorrect since jemalloc() was enabled.
tested on i386 and sparc64, build tested on several other platforms.
thanks to many folks for feedback and testing but most espcially
chuq and yamt for critical suggestions that lead to this patch not
having a special ugliness i wasn't happy with anyway :-)
2009-03-29 05:02:48 +04:00
|
|
|
__KERNEL_RCSID(0, "$NetBSD: uvm_mmap.c,v 1.128 2009/03/29 01:02:51 mrg Exp $");
|
2004-02-14 15:20:14 +03:00
|
|
|
|
|
|
|
#include "opt_compat_netbsd.h"
|
2006-05-20 19:45:37 +04:00
|
|
|
#include "opt_pax.h"
|
2006-09-30 14:56:31 +04:00
|
|
|
#include "veriexec.h"
|
2001-11-10 10:36:59 +03:00
|
|
|
|
1998-02-05 09:25:08 +03:00
|
|
|
#include <sys/param.h>
|
|
|
|
#include <sys/systm.h>
|
|
|
|
#include <sys/file.h>
|
|
|
|
#include <sys/filedesc.h>
|
|
|
|
#include <sys/resourcevar.h>
|
|
|
|
#include <sys/mman.h>
|
|
|
|
#include <sys/mount.h>
|
|
|
|
#include <sys/proc.h>
|
|
|
|
#include <sys/malloc.h>
|
|
|
|
#include <sys/vnode.h>
|
|
|
|
#include <sys/conf.h>
|
1998-05-10 16:35:58 +04:00
|
|
|
#include <sys/stat.h>
|
2006-09-30 14:56:31 +04:00
|
|
|
|
|
|
|
#if NVERIEXEC > 0
|
|
|
|
#include <sys/verified_exec.h>
|
|
|
|
#endif /* NVERIEXEC > 0 */
|
2006-05-20 19:45:37 +04:00
|
|
|
|
|
|
|
#ifdef PAX_MPROTECT
|
|
|
|
#include <sys/pax.h>
|
|
|
|
#endif /* PAX_MPROTECT */
|
1998-02-05 09:25:08 +03:00
|
|
|
|
|
|
|
#include <miscfs/specfs/specdev.h>
|
|
|
|
|
|
|
|
#include <sys/syscallargs.h>
|
|
|
|
|
|
|
|
#include <uvm/uvm.h>
|
|
|
|
#include <uvm/uvm_device.h>
|
|
|
|
|
2004-02-14 15:20:14 +03:00
|
|
|
#ifndef COMPAT_ZERODEV
|
2004-02-14 19:40:22 +03:00
|
|
|
#define COMPAT_ZERODEV(dev) (0)
|
2004-02-14 15:20:14 +03:00
|
|
|
#endif
|
1998-02-05 09:25:08 +03:00
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
static int
|
|
|
|
range_test(vaddr_t addr, vsize_t size, bool ismmap)
|
|
|
|
{
|
|
|
|
vaddr_t vm_min_address = VM_MIN_ADDRESS;
|
|
|
|
vaddr_t vm_max_address = VM_MAXUSER_ADDRESS;
|
|
|
|
vaddr_t eaddr = addr + size;
|
|
|
|
|
|
|
|
if (addr < vm_min_address)
|
|
|
|
return EINVAL;
|
|
|
|
if (eaddr > vm_max_address)
|
|
|
|
return ismmap ? EFBIG : EINVAL;
|
|
|
|
if (addr > eaddr) /* no wrapping! */
|
|
|
|
return ismmap ? EOVERFLOW : EINVAL;
|
|
|
|
return 0;
|
|
|
|
}
|
2007-05-12 00:41:14 +04:00
|
|
|
|
1998-02-05 09:25:08 +03:00
|
|
|
/*
|
|
|
|
* unimplemented VM system calls:
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_sbrk: sbrk system call.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* ARGSUSED */
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_sbrk(struct lwp *l, const struct sys_sbrk_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
1999-07-13 01:55:19 +04:00
|
|
|
syscallarg(intptr_t) incr;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
1998-03-09 03:58:55 +03:00
|
|
|
|
1999-03-09 15:18:22 +03:00
|
|
|
return (ENOSYS);
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_sstk: sstk system call.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* ARGSUSED */
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_sstk(struct lwp *l, const struct sys_sstk_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
1999-05-03 13:08:28 +04:00
|
|
|
syscallarg(int) incr;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
1998-03-09 03:58:55 +03:00
|
|
|
|
1999-03-09 15:18:22 +03:00
|
|
|
return (ENOSYS);
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_mincore: determine if pages are in core or not.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* ARGSUSED */
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_mincore(struct lwp *l, const struct sys_mincore_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
1999-06-16 03:27:47 +04:00
|
|
|
syscallarg(void *) addr;
|
1999-05-03 13:08:28 +04:00
|
|
|
syscallarg(size_t) len;
|
|
|
|
syscallarg(char *) vec;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
a whole bunch of changes to improve performance and robustness under load:
- remove special treatment of pager_map mappings in pmaps. this is
required now, since I've removed the globals that expose the address range.
pager_map now uses pmap_kenter_pa() instead of pmap_enter(), so there's
no longer any need to special-case it.
- eliminate struct uvm_vnode by moving its fields into struct vnode.
- rewrite the pageout path. the pager is now responsible for handling the
high-level requests instead of only getting control after a bunch of work
has already been done on its behalf. this will allow us to UBCify LFS,
which needs tighter control over its pages than other filesystems do.
writing a page to disk no longer requires making it read-only, which
allows us to write wired pages without causing all kinds of havoc.
- use a new PG_PAGEOUT flag to indicate that a page should be freed
on behalf of the pagedaemon when it's unlocked. this flag is very similar
to PG_RELEASED, but unlike PG_RELEASED, PG_PAGEOUT can be cleared if the
pageout fails due to eg. an indirect-block buffer being locked.
this allows us to remove the "version" field from struct vm_page,
and together with shrinking "loan_count" from 32 bits to 16,
struct vm_page is now 4 bytes smaller.
- no longer use PG_RELEASED for swap-backed pages. if the page is busy
because it's being paged out, we can't release the swap slot to be
reallocated until that write is complete, but unlike with vnodes we
don't keep a count of in-progress writes so there's no good way to
know when the write is done. instead, when we need to free a busy
swap-backed page, just sleep until we can get it busy ourselves.
- implement a fast-path for extending writes which allows us to avoid
zeroing new pages. this substantially reduces cpu usage.
- encapsulate the data used by the genfs code in a struct genfs_node,
which must be the first element of the filesystem-specific vnode data
for filesystems which use genfs_{get,put}pages().
- eliminate many of the UVM pagerops, since they aren't needed anymore
now that the pager "put" operation is a higher-level operation.
- enhance the genfs code to allow NFS to use the genfs_{get,put}pages
instead of a modified copy.
- clean up struct vnode by removing all the fields that used to be used by
the vfs_cluster.c code (which we don't use anymore with UBC).
- remove kmem_object and mb_object since they were useless.
instead of allocating pages to these objects, we now just allocate
pages with no object. such pages are mapped in the kernel until they
are freed, so we can use the mapping to find the page to free it.
this allows us to remove splvm() protection in several places.
The sum of all these changes improves write throughput on my
decstation 5000/200 to within 1% of the rate of NetBSD 1.5
and reduces the elapsed time for "make release" of a NetBSD 1.5
source tree on my 128MB pc to 10% less than a 1.5 kernel took.
2001-09-16 00:36:31 +04:00
|
|
|
struct vm_page *pg;
|
1999-06-16 03:27:47 +04:00
|
|
|
char *vec, pgi;
|
|
|
|
struct uvm_object *uobj;
|
|
|
|
struct vm_amap *amap;
|
|
|
|
struct vm_anon *anon;
|
2001-06-02 22:09:08 +04:00
|
|
|
struct vm_map_entry *entry;
|
1999-06-16 03:27:47 +04:00
|
|
|
vaddr_t start, end, lim;
|
2001-06-02 22:09:08 +04:00
|
|
|
struct vm_map *map;
|
1999-06-16 03:27:47 +04:00
|
|
|
vsize_t len;
|
|
|
|
int error = 0, npgs;
|
|
|
|
|
|
|
|
map = &p->p_vmspace->vm_map;
|
|
|
|
|
|
|
|
start = (vaddr_t)SCARG(uap, addr);
|
|
|
|
len = SCARG(uap, len);
|
|
|
|
vec = SCARG(uap, vec);
|
|
|
|
|
|
|
|
if (start & PAGE_MASK)
|
|
|
|
return (EINVAL);
|
|
|
|
len = round_page(len);
|
|
|
|
end = start + len;
|
|
|
|
if (end <= start)
|
|
|
|
return (EINVAL);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Lock down vec, so our returned status isn't outdated by
|
|
|
|
* storing the status byte for a page.
|
|
|
|
*/
|
|
|
|
|
2001-12-14 07:21:22 +03:00
|
|
|
npgs = len >> PAGE_SHIFT;
|
2006-10-05 18:48:32 +04:00
|
|
|
error = uvm_vslock(p->p_vmspace, vec, npgs, VM_PROT_WRITE);
|
2001-12-14 07:21:22 +03:00
|
|
|
if (error) {
|
|
|
|
return error;
|
|
|
|
}
|
1999-06-16 03:27:47 +04:00
|
|
|
vm_map_lock_read(map);
|
|
|
|
|
2007-02-22 09:05:00 +03:00
|
|
|
if (uvm_map_lookup_entry(map, start, &entry) == false) {
|
1999-06-16 03:27:47 +04:00
|
|
|
error = ENOMEM;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (/* nothing */;
|
|
|
|
entry != &map->header && entry->start < end;
|
|
|
|
entry = entry->next) {
|
2001-02-19 00:19:08 +03:00
|
|
|
KASSERT(!UVM_ET_ISSUBMAP(entry));
|
|
|
|
KASSERT(start >= entry->start);
|
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
/* Make sure there are no holes. */
|
|
|
|
if (entry->end < end &&
|
|
|
|
(entry->next == &map->header ||
|
|
|
|
entry->next->start > entry->end)) {
|
|
|
|
error = ENOMEM;
|
|
|
|
goto out;
|
|
|
|
}
|
1998-03-09 03:58:55 +03:00
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
lim = end < entry->end ? end : entry->end;
|
|
|
|
|
|
|
|
/*
|
1999-07-11 00:29:24 +04:00
|
|
|
* Special case for objects with no "real" pages. Those
|
|
|
|
* are always considered resident (mapped devices).
|
1999-06-16 03:27:47 +04:00
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
if (UVM_ET_ISOBJ(entry)) {
|
2001-02-19 00:19:08 +03:00
|
|
|
KASSERT(!UVM_OBJ_IS_KERN_OBJECT(entry->object.uvm_obj));
|
2003-11-29 22:06:48 +03:00
|
|
|
if (UVM_OBJ_IS_DEVICE(entry->object.uvm_obj)) {
|
1999-06-16 03:27:47 +04:00
|
|
|
for (/* nothing */; start < lim;
|
|
|
|
start += PAGE_SIZE, vec++)
|
|
|
|
subyte(vec, 1);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1999-07-11 00:40:23 +04:00
|
|
|
amap = entry->aref.ar_amap; /* top layer */
|
|
|
|
uobj = entry->object.uvm_obj; /* bottom layer */
|
1999-06-16 03:27:47 +04:00
|
|
|
|
|
|
|
if (amap != NULL)
|
|
|
|
amap_lock(amap);
|
|
|
|
if (uobj != NULL)
|
2008-01-02 14:48:20 +03:00
|
|
|
mutex_enter(&uobj->vmobjlock);
|
1999-06-16 03:27:47 +04:00
|
|
|
|
|
|
|
for (/* nothing */; start < lim; start += PAGE_SIZE, vec++) {
|
|
|
|
pgi = 0;
|
|
|
|
if (amap != NULL) {
|
|
|
|
/* Check the top layer first. */
|
|
|
|
anon = amap_lookup(&entry->aref,
|
|
|
|
start - entry->start);
|
|
|
|
/* Don't need to lock anon here. */
|
2005-05-11 17:02:25 +04:00
|
|
|
if (anon != NULL && anon->an_page != NULL) {
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
/*
|
|
|
|
* Anon has the page for this entry
|
|
|
|
* offset.
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
pgi = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (uobj != NULL && pgi == 0) {
|
|
|
|
/* Check the bottom layer. */
|
a whole bunch of changes to improve performance and robustness under load:
- remove special treatment of pager_map mappings in pmaps. this is
required now, since I've removed the globals that expose the address range.
pager_map now uses pmap_kenter_pa() instead of pmap_enter(), so there's
no longer any need to special-case it.
- eliminate struct uvm_vnode by moving its fields into struct vnode.
- rewrite the pageout path. the pager is now responsible for handling the
high-level requests instead of only getting control after a bunch of work
has already been done on its behalf. this will allow us to UBCify LFS,
which needs tighter control over its pages than other filesystems do.
writing a page to disk no longer requires making it read-only, which
allows us to write wired pages without causing all kinds of havoc.
- use a new PG_PAGEOUT flag to indicate that a page should be freed
on behalf of the pagedaemon when it's unlocked. this flag is very similar
to PG_RELEASED, but unlike PG_RELEASED, PG_PAGEOUT can be cleared if the
pageout fails due to eg. an indirect-block buffer being locked.
this allows us to remove the "version" field from struct vm_page,
and together with shrinking "loan_count" from 32 bits to 16,
struct vm_page is now 4 bytes smaller.
- no longer use PG_RELEASED for swap-backed pages. if the page is busy
because it's being paged out, we can't release the swap slot to be
reallocated until that write is complete, but unlike with vnodes we
don't keep a count of in-progress writes so there's no good way to
know when the write is done. instead, when we need to free a busy
swap-backed page, just sleep until we can get it busy ourselves.
- implement a fast-path for extending writes which allows us to avoid
zeroing new pages. this substantially reduces cpu usage.
- encapsulate the data used by the genfs code in a struct genfs_node,
which must be the first element of the filesystem-specific vnode data
for filesystems which use genfs_{get,put}pages().
- eliminate many of the UVM pagerops, since they aren't needed anymore
now that the pager "put" operation is a higher-level operation.
- enhance the genfs code to allow NFS to use the genfs_{get,put}pages
instead of a modified copy.
- clean up struct vnode by removing all the fields that used to be used by
the vfs_cluster.c code (which we don't use anymore with UBC).
- remove kmem_object and mb_object since they were useless.
instead of allocating pages to these objects, we now just allocate
pages with no object. such pages are mapped in the kernel until they
are freed, so we can use the mapping to find the page to free it.
this allows us to remove splvm() protection in several places.
The sum of all these changes improves write throughput on my
decstation 5000/200 to within 1% of the rate of NetBSD 1.5
and reduces the elapsed time for "make release" of a NetBSD 1.5
source tree on my 128MB pc to 10% less than a 1.5 kernel took.
2001-09-16 00:36:31 +04:00
|
|
|
pg = uvm_pagelookup(uobj,
|
1999-06-16 03:27:47 +04:00
|
|
|
entry->offset + (start - entry->start));
|
a whole bunch of changes to improve performance and robustness under load:
- remove special treatment of pager_map mappings in pmaps. this is
required now, since I've removed the globals that expose the address range.
pager_map now uses pmap_kenter_pa() instead of pmap_enter(), so there's
no longer any need to special-case it.
- eliminate struct uvm_vnode by moving its fields into struct vnode.
- rewrite the pageout path. the pager is now responsible for handling the
high-level requests instead of only getting control after a bunch of work
has already been done on its behalf. this will allow us to UBCify LFS,
which needs tighter control over its pages than other filesystems do.
writing a page to disk no longer requires making it read-only, which
allows us to write wired pages without causing all kinds of havoc.
- use a new PG_PAGEOUT flag to indicate that a page should be freed
on behalf of the pagedaemon when it's unlocked. this flag is very similar
to PG_RELEASED, but unlike PG_RELEASED, PG_PAGEOUT can be cleared if the
pageout fails due to eg. an indirect-block buffer being locked.
this allows us to remove the "version" field from struct vm_page,
and together with shrinking "loan_count" from 32 bits to 16,
struct vm_page is now 4 bytes smaller.
- no longer use PG_RELEASED for swap-backed pages. if the page is busy
because it's being paged out, we can't release the swap slot to be
reallocated until that write is complete, but unlike with vnodes we
don't keep a count of in-progress writes so there's no good way to
know when the write is done. instead, when we need to free a busy
swap-backed page, just sleep until we can get it busy ourselves.
- implement a fast-path for extending writes which allows us to avoid
zeroing new pages. this substantially reduces cpu usage.
- encapsulate the data used by the genfs code in a struct genfs_node,
which must be the first element of the filesystem-specific vnode data
for filesystems which use genfs_{get,put}pages().
- eliminate many of the UVM pagerops, since they aren't needed anymore
now that the pager "put" operation is a higher-level operation.
- enhance the genfs code to allow NFS to use the genfs_{get,put}pages
instead of a modified copy.
- clean up struct vnode by removing all the fields that used to be used by
the vfs_cluster.c code (which we don't use anymore with UBC).
- remove kmem_object and mb_object since they were useless.
instead of allocating pages to these objects, we now just allocate
pages with no object. such pages are mapped in the kernel until they
are freed, so we can use the mapping to find the page to free it.
this allows us to remove splvm() protection in several places.
The sum of all these changes improves write throughput on my
decstation 5000/200 to within 1% of the rate of NetBSD 1.5
and reduces the elapsed time for "make release" of a NetBSD 1.5
source tree on my 128MB pc to 10% less than a 1.5 kernel took.
2001-09-16 00:36:31 +04:00
|
|
|
if (pg != NULL) {
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
/*
|
|
|
|
* Object has the page for this entry
|
|
|
|
* offset.
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
pgi = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
(void) subyte(vec, pgi);
|
|
|
|
}
|
|
|
|
if (uobj != NULL)
|
2008-01-02 14:48:20 +03:00
|
|
|
mutex_exit(&uobj->vmobjlock);
|
1999-06-16 03:27:47 +04:00
|
|
|
if (amap != NULL)
|
|
|
|
amap_unlock(amap);
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
vm_map_unlock_read(map);
|
2006-10-05 18:48:32 +04:00
|
|
|
uvm_vsunlock(p->p_vmspace, SCARG(uap, vec), npgs);
|
1999-06-16 03:27:47 +04:00
|
|
|
return (error);
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_mmap: mmap system call.
|
|
|
|
*
|
2002-05-31 20:49:50 +04:00
|
|
|
* => file offset and address may not be page aligned
|
1998-02-05 09:25:08 +03:00
|
|
|
* - if MAP_FIXED, offset and address must have remainder mod PAGE_SIZE
|
|
|
|
* - if address isn't page aligned the mapping starts at trunc_page(addr)
|
|
|
|
* and the return value is adjusted up by the page offset.
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_mmap(struct lwp *l, const struct sys_mmap_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
2007-03-04 08:59:00 +03:00
|
|
|
syscallarg(void *) addr;
|
1998-03-09 03:58:55 +03:00
|
|
|
syscallarg(size_t) len;
|
|
|
|
syscallarg(int) prot;
|
|
|
|
syscallarg(int) flags;
|
|
|
|
syscallarg(int) fd;
|
|
|
|
syscallarg(long) pad;
|
|
|
|
syscallarg(off_t) pos;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1998-08-13 06:10:37 +04:00
|
|
|
vaddr_t addr;
|
1998-05-10 16:35:58 +04:00
|
|
|
struct vattr va;
|
1998-03-09 03:58:55 +03:00
|
|
|
off_t pos;
|
1998-08-13 06:10:37 +04:00
|
|
|
vsize_t size, pageoff;
|
1998-03-09 03:58:55 +03:00
|
|
|
vm_prot_t prot, maxprot;
|
|
|
|
int flags, fd;
|
2007-05-12 00:41:14 +04:00
|
|
|
vaddr_t defaddr;
|
2007-10-08 19:12:05 +04:00
|
|
|
struct file *fp = NULL;
|
1998-03-09 03:58:55 +03:00
|
|
|
struct vnode *vp;
|
2001-03-15 09:10:32 +03:00
|
|
|
void *handle;
|
1998-03-09 03:58:55 +03:00
|
|
|
int error;
|
2007-12-27 01:11:47 +03:00
|
|
|
#ifdef PAX_ASLR
|
|
|
|
vaddr_t orig_addr;
|
|
|
|
#endif /* PAX_ASLR */
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* first, extract syscall args from the uap.
|
|
|
|
*/
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
1998-03-09 03:58:55 +03:00
|
|
|
prot = SCARG(uap, prot) & VM_PROT_ALL;
|
|
|
|
flags = SCARG(uap, flags);
|
|
|
|
fd = SCARG(uap, fd);
|
|
|
|
pos = SCARG(uap, pos);
|
|
|
|
|
2007-12-27 01:11:47 +03:00
|
|
|
#ifdef PAX_ASLR
|
|
|
|
orig_addr = addr;
|
|
|
|
#endif /* PAX_ASLR */
|
|
|
|
|
1999-06-18 01:05:19 +04:00
|
|
|
/*
|
|
|
|
* Fixup the old deprecated MAP_COPY into MAP_PRIVATE, and
|
|
|
|
* validate the flags.
|
|
|
|
*/
|
|
|
|
if (flags & MAP_COPY)
|
|
|
|
flags = (flags & ~MAP_COPY) | MAP_PRIVATE;
|
|
|
|
if ((flags & (MAP_SHARED|MAP_PRIVATE)) == (MAP_SHARED|MAP_PRIVATE))
|
|
|
|
return (EINVAL);
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
|
|
|
* align file position and save offset. adjust size.
|
|
|
|
*/
|
|
|
|
|
|
|
|
pageoff = (pos & PAGE_MASK);
|
|
|
|
pos -= pageoff;
|
|
|
|
size += pageoff; /* add offset */
|
2001-03-15 09:10:32 +03:00
|
|
|
size = (vsize_t)round_page(size); /* round up */
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
2001-05-25 08:06:11 +04:00
|
|
|
* now check (MAP_FIXED) or get (!MAP_FIXED) the "addr"
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
|
|
|
if (flags & MAP_FIXED) {
|
|
|
|
|
|
|
|
/* ensure address and file offset are aligned properly */
|
|
|
|
addr -= pageoff;
|
|
|
|
if (addr & PAGE_MASK)
|
|
|
|
return (EINVAL);
|
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, true);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2003-07-06 20:19:18 +04:00
|
|
|
} else if (addr == 0 || !(flags & MAP_TRYFIXED)) {
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
2003-02-21 01:16:05 +03:00
|
|
|
* not fixed: make sure we skip over the largest
|
|
|
|
* possible heap for non-topdown mapping arrangements.
|
|
|
|
* we will refine our guess later (e.g. to account for
|
|
|
|
* VAC, etc)
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
2000-11-27 11:39:39 +03:00
|
|
|
|
2005-03-26 08:12:34 +03:00
|
|
|
defaddr = p->p_emul->e_vm_default_addr(p,
|
|
|
|
(vaddr_t)p->p_vmspace->vm_daddr, size);
|
|
|
|
|
2003-02-21 01:16:05 +03:00
|
|
|
if (addr == 0 ||
|
|
|
|
!(p->p_vmspace->vm_map.flags & VM_MAP_TOPDOWN))
|
2005-03-26 08:12:34 +03:00
|
|
|
addr = MAX(addr, defaddr);
|
2003-02-21 01:16:05 +03:00
|
|
|
else
|
2005-03-26 08:12:34 +03:00
|
|
|
addr = MIN(addr, defaddr);
|
1998-03-09 03:58:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* check for file mappings (i.e. not anonymous) and verify file.
|
|
|
|
*/
|
|
|
|
|
|
|
|
if ((flags & MAP_ANON) == 0) {
|
2008-03-22 00:54:58 +03:00
|
|
|
if ((fp = fd_getfile(fd)) == NULL)
|
2001-06-15 00:32:41 +04:00
|
|
|
return (EBADF);
|
2007-10-08 19:12:05 +04:00
|
|
|
if (fp->f_type != DTYPE_VNODE) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
1998-03-28 19:58:04 +03:00
|
|
|
return (ENODEV); /* only mmap vnodes! */
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
2008-03-22 00:54:58 +03:00
|
|
|
vp = fp->f_data; /* convert to vnode */
|
1998-07-08 03:22:13 +04:00
|
|
|
if (vp->v_type != VREG && vp->v_type != VCHR &&
|
2007-10-08 19:12:05 +04:00
|
|
|
vp->v_type != VBLK) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
1998-07-08 03:22:13 +04:00
|
|
|
return (ENODEV); /* only REG/CHR/BLK support mmap */
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
|
|
|
if (vp->v_type != VCHR && pos < 0) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
2001-11-25 09:42:47 +03:00
|
|
|
return (EINVAL);
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
|
|
|
if (vp->v_type != VCHR && (pos + size) < pos) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
2000-03-28 22:45:19 +04:00
|
|
|
return (EOVERFLOW); /* no offset wrapping */
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
2000-03-28 22:45:19 +04:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/* special case: catch SunOS style /dev/zero */
|
2004-02-14 15:20:14 +03:00
|
|
|
if (vp->v_type == VCHR
|
|
|
|
&& (vp->v_rdev == zerodev || COMPAT_ZERODEV(vp->v_rdev))) {
|
1998-03-09 03:58:55 +03:00
|
|
|
flags |= MAP_ANON;
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
2007-10-08 19:12:05 +04:00
|
|
|
fp = NULL;
|
1998-03-09 03:58:55 +03:00
|
|
|
goto is_anon;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Old programs may not select a specific sharing type, so
|
|
|
|
* default to an appropriate one.
|
|
|
|
*
|
|
|
|
* XXX: how does MAP_ANON fit in the picture?
|
|
|
|
*/
|
1999-06-18 01:05:19 +04:00
|
|
|
if ((flags & (MAP_SHARED|MAP_PRIVATE)) == 0) {
|
1998-04-02 01:43:52 +04:00
|
|
|
#if defined(DEBUG)
|
1998-03-09 03:58:55 +03:00
|
|
|
printf("WARNING: defaulted mmap() share type to "
|
2003-05-04 05:54:26 +04:00
|
|
|
"%s (pid %d command %s)\n", vp->v_type == VCHR ?
|
1998-03-09 03:58:55 +03:00
|
|
|
"MAP_SHARED" : "MAP_PRIVATE", p->p_pid,
|
|
|
|
p->p_comm);
|
1998-02-05 09:25:08 +03:00
|
|
|
#endif
|
1998-03-09 03:58:55 +03:00
|
|
|
if (vp->v_type == VCHR)
|
|
|
|
flags |= MAP_SHARED; /* for a device */
|
|
|
|
else
|
|
|
|
flags |= MAP_PRIVATE; /* for a file */
|
|
|
|
}
|
|
|
|
|
2001-05-25 08:06:11 +04:00
|
|
|
/*
|
1998-03-09 03:58:55 +03:00
|
|
|
* MAP_PRIVATE device mappings don't make sense (and aren't
|
|
|
|
* supported anyway). However, some programs rely on this,
|
|
|
|
* so just change it to MAP_SHARED.
|
|
|
|
*/
|
|
|
|
if (vp->v_type == VCHR && (flags & MAP_PRIVATE) != 0) {
|
|
|
|
flags = (flags & ~MAP_PRIVATE) | MAP_SHARED;
|
|
|
|
}
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
|
|
|
* now check protection
|
|
|
|
*/
|
1998-02-05 09:25:08 +03:00
|
|
|
|
2001-01-08 04:35:03 +03:00
|
|
|
maxprot = VM_PROT_EXECUTE;
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/* check read access */
|
|
|
|
if (fp->f_flag & FREAD)
|
|
|
|
maxprot |= VM_PROT_READ;
|
2007-10-08 19:12:05 +04:00
|
|
|
else if (prot & PROT_READ) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
1998-03-09 03:58:55 +03:00
|
|
|
return (EACCES);
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-05-10 16:35:58 +04:00
|
|
|
/* check write access, shared case first */
|
1998-03-09 03:58:55 +03:00
|
|
|
if (flags & MAP_SHARED) {
|
1998-05-10 16:35:58 +04:00
|
|
|
/*
|
|
|
|
* if the file is writable, only add PROT_WRITE to
|
|
|
|
* maxprot if the file is not immutable, append-only.
|
|
|
|
* otherwise, if we have asked for PROT_WRITE, return
|
|
|
|
* EPERM.
|
|
|
|
*/
|
|
|
|
if (fp->f_flag & FWRITE) {
|
|
|
|
if ((error =
|
2007-11-26 22:01:26 +03:00
|
|
|
VOP_GETATTR(vp, &va, l->l_cred))) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
1998-05-10 16:35:58 +04:00
|
|
|
return (error);
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
2004-05-25 18:54:55 +04:00
|
|
|
if ((va.va_flags &
|
|
|
|
(SF_SNAPSHOT|IMMUTABLE|APPEND)) == 0)
|
1998-05-10 16:35:58 +04:00
|
|
|
maxprot |= VM_PROT_WRITE;
|
2007-10-08 19:12:05 +04:00
|
|
|
else if (prot & PROT_WRITE) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
1998-05-10 16:35:58 +04:00
|
|
|
return (EPERM);
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
1998-05-10 16:35:58 +04:00
|
|
|
}
|
2007-10-08 19:12:05 +04:00
|
|
|
else if (prot & PROT_WRITE) {
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
1998-03-09 03:58:55 +03:00
|
|
|
return (EACCES);
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
1998-03-09 03:58:55 +03:00
|
|
|
} else {
|
|
|
|
/* MAP_PRIVATE mappings can always write to */
|
|
|
|
maxprot |= VM_PROT_WRITE;
|
|
|
|
}
|
2001-03-15 09:10:32 +03:00
|
|
|
handle = vp;
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
} else { /* MAP_ANON case */
|
1999-06-18 01:05:19 +04:00
|
|
|
/*
|
|
|
|
* XXX What do we do about (MAP_SHARED|MAP_PRIVATE) == 0?
|
|
|
|
*/
|
1998-03-09 03:58:55 +03:00
|
|
|
if (fd != -1)
|
|
|
|
return (EINVAL);
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1999-06-18 01:05:19 +04:00
|
|
|
is_anon: /* label for SunOS style /dev/zero */
|
1998-03-09 03:58:55 +03:00
|
|
|
handle = NULL;
|
|
|
|
maxprot = VM_PROT_ALL;
|
|
|
|
pos = 0;
|
|
|
|
}
|
1998-02-05 09:25:08 +03:00
|
|
|
|
Some Veriexec stuff that's been rotting in my tree for months.
Bug fixes:
- Fix crash reported by Scott Ellis on current-users@.
- Fix race conditions in enforcing the Veriexec rename and remove
policies. These are NOT security issues.
- Fix memory leak in rename handling when overwriting a monitored
file.
- Fix table deletion logic.
- Don't prevent query requests if not in learning mode.
KPI updates:
- fileassoc_table_run() now takes a cookie to pass to the callback.
- veriexec_table_add() was removed, it is now done internally. As a
result, there's no longer a need for VERIEXEC_TABLESIZE.
- veriexec_report() was removed, it is now internal.
- Perform sanity checks on the entry type, and enforce default type
in veriexec_file_add() rather than in veriexecctl.
- Add veriexec_flush(), used to delete all Veriexec tables, and
veriexec_dump(), used to fill an array with all Veriexec entries.
New features:
- Add a '-k' flag to veriexecctl, to keep the filenames in the kernel
database. This allows Veriexec to produce slightly more accurate
logs under certain circumstances. In the future, this can be either
replaced by vnode->pathname translation, or combined with it.
- Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database.
This can be used to recover a database if the file was lost.
Example usage:
# veriexecctl dump > /etc/signatures
Note that only entries with the filename kept (that is, were loaded
with the '-k' flag) will be dumped.
Idea from Brett Lymn.
- Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample
usage:
# veriexecctl flush
- Add a 'veriexec_flags' rc(8) variable, and make its default have
the '-k' flag. On systems using the default signatures file
(generaetd from running 'veriexecgen' with no arguments), this will
use additional 32kb of kernel memory on average.
- Add a '-e' flag to veriexecctl, to evaluate the fingerprint during
load. This is done automatically for files marked as 'untrusted'.
Misc. stuff:
- The code for veriexecctl was massively simplified as a result of
eliminating the need for VERIEXEC_TABLESIZE, and now uses a single
pass of the signatures file, making the loading somewhat faster.
- Lots of minor fixes found using the (still under development)
Veriexec regression testsuite.
- Some of the messages Veriexec prints were improved.
- Various documentation fixes.
All relevant man-pages were updated to reflect the above changes.
Binary compatibility with existing veriexecctl binaries is maintained.
2007-05-15 23:47:43 +04:00
|
|
|
#if NVERIEXEC > 0
|
|
|
|
if (handle != NULL) {
|
|
|
|
/*
|
|
|
|
* Check if the file can be executed indirectly.
|
|
|
|
*
|
|
|
|
* XXX: This gives false warnings about "Incorrect access type"
|
|
|
|
* XXX: if the mapping is not executable. Harmless, but will be
|
|
|
|
* XXX: fixed as part of other changes.
|
|
|
|
*/
|
|
|
|
if (veriexec_verify(l, handle, "(mmap)", VERIEXEC_INDIRECT,
|
|
|
|
NULL)) {
|
|
|
|
/*
|
|
|
|
* Don't allow executable mappings if we can't
|
|
|
|
* indirectly execute the file.
|
|
|
|
*/
|
2007-10-08 19:12:05 +04:00
|
|
|
if (prot & VM_PROT_EXECUTE) {
|
|
|
|
if (fp != NULL)
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
Some Veriexec stuff that's been rotting in my tree for months.
Bug fixes:
- Fix crash reported by Scott Ellis on current-users@.
- Fix race conditions in enforcing the Veriexec rename and remove
policies. These are NOT security issues.
- Fix memory leak in rename handling when overwriting a monitored
file.
- Fix table deletion logic.
- Don't prevent query requests if not in learning mode.
KPI updates:
- fileassoc_table_run() now takes a cookie to pass to the callback.
- veriexec_table_add() was removed, it is now done internally. As a
result, there's no longer a need for VERIEXEC_TABLESIZE.
- veriexec_report() was removed, it is now internal.
- Perform sanity checks on the entry type, and enforce default type
in veriexec_file_add() rather than in veriexecctl.
- Add veriexec_flush(), used to delete all Veriexec tables, and
veriexec_dump(), used to fill an array with all Veriexec entries.
New features:
- Add a '-k' flag to veriexecctl, to keep the filenames in the kernel
database. This allows Veriexec to produce slightly more accurate
logs under certain circumstances. In the future, this can be either
replaced by vnode->pathname translation, or combined with it.
- Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database.
This can be used to recover a database if the file was lost.
Example usage:
# veriexecctl dump > /etc/signatures
Note that only entries with the filename kept (that is, were loaded
with the '-k' flag) will be dumped.
Idea from Brett Lymn.
- Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample
usage:
# veriexecctl flush
- Add a 'veriexec_flags' rc(8) variable, and make its default have
the '-k' flag. On systems using the default signatures file
(generaetd from running 'veriexecgen' with no arguments), this will
use additional 32kb of kernel memory on average.
- Add a '-e' flag to veriexecctl, to evaluate the fingerprint during
load. This is done automatically for files marked as 'untrusted'.
Misc. stuff:
- The code for veriexecctl was massively simplified as a result of
eliminating the need for VERIEXEC_TABLESIZE, and now uses a single
pass of the signatures file, making the loading somewhat faster.
- Lots of minor fixes found using the (still under development)
Veriexec regression testsuite.
- Some of the messages Veriexec prints were improved.
- Various documentation fixes.
All relevant man-pages were updated to reflect the above changes.
Binary compatibility with existing veriexecctl binaries is maintained.
2007-05-15 23:47:43 +04:00
|
|
|
return (EPERM);
|
2007-10-08 19:12:05 +04:00
|
|
|
}
|
Some Veriexec stuff that's been rotting in my tree for months.
Bug fixes:
- Fix crash reported by Scott Ellis on current-users@.
- Fix race conditions in enforcing the Veriexec rename and remove
policies. These are NOT security issues.
- Fix memory leak in rename handling when overwriting a monitored
file.
- Fix table deletion logic.
- Don't prevent query requests if not in learning mode.
KPI updates:
- fileassoc_table_run() now takes a cookie to pass to the callback.
- veriexec_table_add() was removed, it is now done internally. As a
result, there's no longer a need for VERIEXEC_TABLESIZE.
- veriexec_report() was removed, it is now internal.
- Perform sanity checks on the entry type, and enforce default type
in veriexec_file_add() rather than in veriexecctl.
- Add veriexec_flush(), used to delete all Veriexec tables, and
veriexec_dump(), used to fill an array with all Veriexec entries.
New features:
- Add a '-k' flag to veriexecctl, to keep the filenames in the kernel
database. This allows Veriexec to produce slightly more accurate
logs under certain circumstances. In the future, this can be either
replaced by vnode->pathname translation, or combined with it.
- Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database.
This can be used to recover a database if the file was lost.
Example usage:
# veriexecctl dump > /etc/signatures
Note that only entries with the filename kept (that is, were loaded
with the '-k' flag) will be dumped.
Idea from Brett Lymn.
- Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample
usage:
# veriexecctl flush
- Add a 'veriexec_flags' rc(8) variable, and make its default have
the '-k' flag. On systems using the default signatures file
(generaetd from running 'veriexecgen' with no arguments), this will
use additional 32kb of kernel memory on average.
- Add a '-e' flag to veriexecctl, to evaluate the fingerprint during
load. This is done automatically for files marked as 'untrusted'.
Misc. stuff:
- The code for veriexecctl was massively simplified as a result of
eliminating the need for VERIEXEC_TABLESIZE, and now uses a single
pass of the signatures file, making the loading somewhat faster.
- Lots of minor fixes found using the (still under development)
Veriexec regression testsuite.
- Some of the messages Veriexec prints were improved.
- Various documentation fixes.
All relevant man-pages were updated to reflect the above changes.
Binary compatibility with existing veriexecctl binaries is maintained.
2007-05-15 23:47:43 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Strip the executable bit from 'maxprot' to make sure
|
|
|
|
* it can't be made executable later.
|
|
|
|
*/
|
|
|
|
maxprot &= ~VM_PROT_EXECUTE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif /* NVERIEXEC > 0 */
|
|
|
|
|
2006-05-20 19:45:37 +04:00
|
|
|
#ifdef PAX_MPROTECT
|
|
|
|
pax_mprotect(l, &prot, &maxprot);
|
|
|
|
#endif /* PAX_MPROTECT */
|
|
|
|
|
2007-12-27 01:11:47 +03:00
|
|
|
#ifdef PAX_ASLR
|
|
|
|
pax_aslr(l, &addr, orig_addr, flags);
|
|
|
|
#endif /* PAX_ASLR */
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
|
|
|
* now let kernel internal function uvm_mmap do the work.
|
|
|
|
*/
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
error = uvm_mmap(&p->p_vmspace->vm_map, &addr, size, prot, maxprot,
|
1999-06-18 09:13:45 +04:00
|
|
|
flags, handle, pos, p->p_rlimit[RLIMIT_MEMLOCK].rlim_cur);
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
if (error == 0)
|
|
|
|
/* remember to add offset */
|
|
|
|
*retval = (register_t)(addr + pageoff);
|
1998-02-05 09:25:08 +03:00
|
|
|
|
2007-10-08 19:12:05 +04:00
|
|
|
if (fp != NULL)
|
2008-03-22 00:54:58 +03:00
|
|
|
fd_putfile(fd);
|
2007-10-08 19:12:05 +04:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
return (error);
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys___msync13: the msync system call (a front-end for flush)
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys___msync13(struct lwp *l, const struct sys___msync13_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
2007-03-04 08:59:00 +03:00
|
|
|
syscallarg(void *) addr;
|
1998-03-09 03:58:55 +03:00
|
|
|
syscallarg(size_t) len;
|
|
|
|
syscallarg(int) flags;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1998-08-13 06:10:37 +04:00
|
|
|
vaddr_t addr;
|
|
|
|
vsize_t size, pageoff;
|
2001-06-02 22:09:08 +04:00
|
|
|
struct vm_map *map;
|
2001-03-15 09:10:32 +03:00
|
|
|
int error, rv, flags, uvmflags;
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* extract syscall args from the uap
|
|
|
|
*/
|
|
|
|
|
1998-08-13 06:10:37 +04:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
1998-03-09 03:58:55 +03:00
|
|
|
flags = SCARG(uap, flags);
|
|
|
|
|
|
|
|
/* sanity check flags */
|
|
|
|
if ((flags & ~(MS_ASYNC | MS_SYNC | MS_INVALIDATE)) != 0 ||
|
2003-08-24 22:12:25 +04:00
|
|
|
(flags & (MS_ASYNC | MS_SYNC | MS_INVALIDATE)) == 0 ||
|
|
|
|
(flags & (MS_ASYNC | MS_SYNC)) == (MS_ASYNC | MS_SYNC))
|
|
|
|
return (EINVAL);
|
1998-03-09 03:58:55 +03:00
|
|
|
if ((flags & (MS_ASYNC | MS_SYNC)) == 0)
|
2003-08-24 22:12:25 +04:00
|
|
|
flags |= MS_SYNC;
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
2001-03-15 09:10:32 +03:00
|
|
|
* align the address to a page boundary and adjust the size accordingly.
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
pageoff = (addr & PAGE_MASK);
|
|
|
|
addr -= pageoff;
|
|
|
|
size += pageoff;
|
2001-03-15 09:10:32 +03:00
|
|
|
size = (vsize_t)round_page(size);
|
1998-03-09 03:58:55 +03:00
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, false);
|
|
|
|
if (error)
|
|
|
|
return error;
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* get map
|
|
|
|
*/
|
|
|
|
|
|
|
|
map = &p->p_vmspace->vm_map;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* XXXCDC: do we really need this semantic?
|
|
|
|
*
|
|
|
|
* XXX Gak! If size is zero we are supposed to sync "all modified
|
|
|
|
* pages with the region containing addr". Unfortunately, we
|
|
|
|
* don't really keep track of individual mmaps so we approximate
|
|
|
|
* by flushing the range of the map entry containing addr.
|
|
|
|
* This can be incorrect if the region splits or is coalesced
|
|
|
|
* with a neighbor.
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
if (size == 0) {
|
2001-06-02 22:09:08 +04:00
|
|
|
struct vm_map_entry *entry;
|
2001-05-25 08:06:11 +04:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
vm_map_lock_read(map);
|
|
|
|
rv = uvm_map_lookup_entry(map, addr, &entry);
|
2007-02-22 09:05:00 +03:00
|
|
|
if (rv == true) {
|
1998-03-09 03:58:55 +03:00
|
|
|
addr = entry->start;
|
|
|
|
size = entry->end - entry->start;
|
|
|
|
}
|
|
|
|
vm_map_unlock_read(map);
|
2007-02-22 09:05:00 +03:00
|
|
|
if (rv == false)
|
1998-03-09 03:58:55 +03:00
|
|
|
return (EINVAL);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* translate MS_ flags into PGO_ flags
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1999-07-15 01:06:30 +04:00
|
|
|
uvmflags = PGO_CLEANIT;
|
|
|
|
if (flags & MS_INVALIDATE)
|
|
|
|
uvmflags |= PGO_FREE;
|
1998-03-09 03:58:55 +03:00
|
|
|
if (flags & MS_SYNC)
|
|
|
|
uvmflags |= PGO_SYNCIO;
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
error = uvm_map_clean(map, addr, addr+size, uvmflags);
|
|
|
|
return error;
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_munmap: unmap a users memory
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_munmap(struct lwp *l, const struct sys_munmap_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
2007-03-04 08:59:00 +03:00
|
|
|
syscallarg(void *) addr;
|
1998-03-09 03:58:55 +03:00
|
|
|
syscallarg(size_t) len;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1998-08-13 06:10:37 +04:00
|
|
|
vaddr_t addr;
|
|
|
|
vsize_t size, pageoff;
|
2001-06-02 22:09:08 +04:00
|
|
|
struct vm_map *map;
|
1998-03-09 03:58:55 +03:00
|
|
|
struct vm_map_entry *dead_entries;
|
2007-09-23 20:05:40 +04:00
|
|
|
int error;
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
2001-03-15 09:10:32 +03:00
|
|
|
* get syscall args.
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
2001-05-25 08:06:11 +04:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
2001-03-15 09:10:32 +03:00
|
|
|
* align the address to a page boundary and adjust the size accordingly.
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
pageoff = (addr & PAGE_MASK);
|
|
|
|
addr -= pageoff;
|
|
|
|
size += pageoff;
|
2001-03-15 09:10:32 +03:00
|
|
|
size = (vsize_t)round_page(size);
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
if (size == 0)
|
|
|
|
return (0);
|
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, false);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2007-05-12 00:41:14 +04:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
map = &p->p_vmspace->vm_map;
|
|
|
|
|
|
|
|
/*
|
2001-05-25 08:06:11 +04:00
|
|
|
* interesting system call semantic: make sure entire range is
|
1998-03-09 03:58:55 +03:00
|
|
|
* allocated before allowing an unmap.
|
|
|
|
*/
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
vm_map_lock(map);
|
2002-09-27 23:13:29 +04:00
|
|
|
#if 0
|
1998-03-09 03:58:55 +03:00
|
|
|
if (!uvm_map_checkprot(map, addr, addr + size, VM_PROT_NONE)) {
|
|
|
|
vm_map_unlock(map);
|
|
|
|
return (EINVAL);
|
|
|
|
}
|
2002-09-27 23:13:29 +04:00
|
|
|
#endif
|
2005-04-01 15:59:21 +04:00
|
|
|
uvm_unmap_remove(map, addr, addr + size, &dead_entries, NULL, 0);
|
2001-03-15 09:10:32 +03:00
|
|
|
vm_map_unlock(map);
|
1998-03-09 03:58:55 +03:00
|
|
|
if (dead_entries != NULL)
|
|
|
|
uvm_unmap_detach(dead_entries, 0);
|
|
|
|
return (0);
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_mprotect: the mprotect system call
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_mprotect(struct lwp *l, const struct sys_mprotect_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
2007-03-04 08:59:00 +03:00
|
|
|
syscallarg(void *) addr;
|
2003-08-24 20:32:50 +04:00
|
|
|
syscallarg(size_t) len;
|
1998-03-09 03:58:55 +03:00
|
|
|
syscallarg(int) prot;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1998-08-13 06:10:37 +04:00
|
|
|
vaddr_t addr;
|
|
|
|
vsize_t size, pageoff;
|
1998-03-09 03:58:55 +03:00
|
|
|
vm_prot_t prot;
|
2001-03-15 09:10:32 +03:00
|
|
|
int error;
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* extract syscall args from uap
|
|
|
|
*/
|
|
|
|
|
1998-08-13 06:10:37 +04:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
1998-03-09 03:58:55 +03:00
|
|
|
prot = SCARG(uap, prot) & VM_PROT_ALL;
|
|
|
|
|
|
|
|
/*
|
2001-03-15 09:10:32 +03:00
|
|
|
* align the address to a page boundary and adjust the size accordingly.
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
pageoff = (addr & PAGE_MASK);
|
|
|
|
addr -= pageoff;
|
|
|
|
size += pageoff;
|
2003-08-24 20:32:50 +04:00
|
|
|
size = round_page(size);
|
2001-03-15 09:10:32 +03:00
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, false);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2007-05-12 00:41:14 +04:00
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
error = uvm_map_protect(&p->p_vmspace->vm_map, addr, addr + size, prot,
|
2007-02-22 09:05:00 +03:00
|
|
|
false);
|
2001-03-15 09:10:32 +03:00
|
|
|
return error;
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_minherit: the minherit system call
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_minherit(struct lwp *l, const struct sys_minherit_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
2007-03-04 08:59:00 +03:00
|
|
|
syscallarg(void *) addr;
|
1998-03-09 03:58:55 +03:00
|
|
|
syscallarg(int) len;
|
|
|
|
syscallarg(int) inherit;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1998-08-13 06:10:37 +04:00
|
|
|
vaddr_t addr;
|
|
|
|
vsize_t size, pageoff;
|
2000-03-30 16:31:50 +04:00
|
|
|
vm_inherit_t inherit;
|
2001-03-15 09:10:32 +03:00
|
|
|
int error;
|
2001-05-25 08:06:11 +04:00
|
|
|
|
1998-08-13 06:10:37 +04:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
1998-03-09 03:58:55 +03:00
|
|
|
inherit = SCARG(uap, inherit);
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
2001-03-15 09:10:32 +03:00
|
|
|
* align the address to a page boundary and adjust the size accordingly.
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
pageoff = (addr & PAGE_MASK);
|
|
|
|
addr -= pageoff;
|
|
|
|
size += pageoff;
|
2001-03-15 09:10:32 +03:00
|
|
|
size = (vsize_t)round_page(size);
|
1998-03-09 03:58:55 +03:00
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, false);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2007-05-12 00:41:14 +04:00
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
error = uvm_map_inherit(&p->p_vmspace->vm_map, addr, addr + size,
|
|
|
|
inherit);
|
|
|
|
return error;
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
1999-05-23 10:27:13 +04:00
|
|
|
/*
|
|
|
|
* sys_madvise: give advice about memory usage.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* ARGSUSED */
|
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_madvise(struct lwp *l, const struct sys_madvise_args *uap, register_t *retval)
|
1999-05-23 10:27:13 +04:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
2007-03-04 08:59:00 +03:00
|
|
|
syscallarg(void *) addr;
|
1999-05-23 10:27:13 +04:00
|
|
|
syscallarg(size_t) len;
|
|
|
|
syscallarg(int) behav;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1999-05-23 10:27:13 +04:00
|
|
|
vaddr_t addr;
|
|
|
|
vsize_t size, pageoff;
|
2001-03-15 09:10:32 +03:00
|
|
|
int advice, error;
|
2001-05-25 08:06:11 +04:00
|
|
|
|
1999-05-23 10:27:13 +04:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
|
|
|
advice = SCARG(uap, behav);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* align the address to a page boundary, and adjust the size accordingly
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1999-05-23 10:27:13 +04:00
|
|
|
pageoff = (addr & PAGE_MASK);
|
|
|
|
addr -= pageoff;
|
|
|
|
size += pageoff;
|
2001-03-15 09:10:32 +03:00
|
|
|
size = (vsize_t)round_page(size);
|
1999-05-23 10:27:13 +04:00
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, false);
|
|
|
|
if (error)
|
|
|
|
return error;
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
|
|
|
|
switch (advice) {
|
|
|
|
case MADV_NORMAL:
|
|
|
|
case MADV_RANDOM:
|
|
|
|
case MADV_SEQUENTIAL:
|
2001-03-15 09:10:32 +03:00
|
|
|
error = uvm_map_advice(&p->p_vmspace->vm_map, addr, addr + size,
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
advice);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case MADV_WILLNEED:
|
2001-03-15 09:10:32 +03:00
|
|
|
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
/*
|
|
|
|
* Activate all these pages, pre-faulting them in if
|
|
|
|
* necessary.
|
|
|
|
*/
|
|
|
|
/*
|
|
|
|
* XXX IMPLEMENT ME.
|
|
|
|
* Should invent a "weak" mode for uvm_fault()
|
|
|
|
* which would only do the PGO_LOCKED pgo_get().
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
return (0);
|
|
|
|
|
|
|
|
case MADV_DONTNEED:
|
2001-03-15 09:10:32 +03:00
|
|
|
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
/*
|
|
|
|
* Deactivate all these pages. We don't need them
|
|
|
|
* any more. We don't, however, toss the data in
|
|
|
|
* the pages.
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
|
|
|
error = uvm_map_clean(&p->p_vmspace->vm_map, addr, addr + size,
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
PGO_DEACTIVATE);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case MADV_FREE:
|
2001-03-15 09:10:32 +03:00
|
|
|
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
/*
|
|
|
|
* These pages contain no valid data, and may be
|
2000-11-25 02:30:01 +03:00
|
|
|
* garbage-collected. Toss all resources, including
|
1999-07-08 04:52:45 +04:00
|
|
|
* any swap space in use.
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
|
|
|
error = uvm_map_clean(&p->p_vmspace->vm_map, addr, addr + size,
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
PGO_FREE);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case MADV_SPACEAVAIL:
|
2001-03-15 09:10:32 +03:00
|
|
|
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
/*
|
|
|
|
* XXXMRG What is this? I think it's:
|
|
|
|
*
|
|
|
|
* Ensure that we have allocated backing-store
|
|
|
|
* for these pages.
|
|
|
|
*
|
|
|
|
* This is going to require changes to the page daemon,
|
|
|
|
* as it will free swap space allocated to pages in core.
|
|
|
|
* There's also what to do for device/file/anonymous memory.
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
Add some more meat to madvise(2):
* Implement MADV_DONTNEED: deactivate pages in the specified range,
semantics similar to Solaris's MADV_DONTNEED.
* Add MADV_FREE: free pages and swap resources associated with the
specified range, causing the range to be reloaded from backing
store (vnodes) or zero-fill (anonymous), semantics like FreeBSD's
MADV_FREE and like Digital UNIX's MADV_DONTNEED (isn't it SO GREAT
that madvise(2) isn't standardized!?)
As part of this, move the non-map-modifying advice handling out of
uvm_map_advise(), and into sys_madvise().
As another part, implement general amap cleaning in uvm_map_clean(), and
change uvm_map_clean() to only push dirty pages to disk if PGO_CLEANIT
is set in its flags (and update sys___msync13() accordingly). XXX Add
a patchable global "amap_clean_works", defaulting to 1, which can disable
the amap cleaning code, just in case problems are unearthed; this gives
a developer/user a quick way to recover and send a bug report (e.g. boot
into DDB and change the value).
XXX Still need to implement a real uao_flush().
XXX Need to update the manual page.
With these changes, rebuilding libc will automatically cause the new
malloc(3) to use MADV_FREE to actually release pages and swap resources
when it decides that can be done.
1999-07-07 10:02:21 +04:00
|
|
|
return (EINVAL);
|
|
|
|
|
|
|
|
default:
|
|
|
|
return (EINVAL);
|
|
|
|
}
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
return error;
|
1999-05-23 10:27:13 +04:00
|
|
|
}
|
|
|
|
|
1998-02-05 09:25:08 +03:00
|
|
|
/*
|
|
|
|
* sys_mlock: memory lock
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_mlock(struct lwp *l, const struct sys_mlock_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
1998-05-31 02:21:03 +04:00
|
|
|
syscallarg(const void *) addr;
|
1998-03-09 03:58:55 +03:00
|
|
|
syscallarg(size_t) len;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1998-08-13 06:10:37 +04:00
|
|
|
vaddr_t addr;
|
|
|
|
vsize_t size, pageoff;
|
1998-03-09 03:58:55 +03:00
|
|
|
int error;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* extract syscall args from uap
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1998-08-13 06:10:37 +04:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* align the address to a page boundary and adjust the size accordingly
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
pageoff = (addr & PAGE_MASK);
|
|
|
|
addr -= pageoff;
|
|
|
|
size += pageoff;
|
2001-03-15 09:10:32 +03:00
|
|
|
size = (vsize_t)round_page(size);
|
2001-05-25 08:06:11 +04:00
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, false);
|
|
|
|
if (error)
|
|
|
|
return error;
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
if (atop(size) + uvmexp.wired > uvmexp.wiredmax)
|
|
|
|
return (EAGAIN);
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
if (size + ptoa(pmap_wired_count(vm_map_pmap(&p->p_vmspace->vm_map))) >
|
|
|
|
p->p_rlimit[RLIMIT_MEMLOCK].rlim_cur)
|
|
|
|
return (EAGAIN);
|
1998-02-05 09:25:08 +03:00
|
|
|
|
2007-02-22 09:05:00 +03:00
|
|
|
error = uvm_map_pageable(&p->p_vmspace->vm_map, addr, addr+size, false,
|
1999-07-18 01:35:49 +04:00
|
|
|
0);
|
2004-12-02 18:23:47 +03:00
|
|
|
if (error == EFAULT)
|
|
|
|
error = ENOMEM;
|
2001-03-15 09:10:32 +03:00
|
|
|
return error;
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_munlock: unlock wired pages
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_munlock(struct lwp *l, const struct sys_munlock_args *uap, register_t *retval)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
1998-05-31 02:21:03 +04:00
|
|
|
syscallarg(const void *) addr;
|
1998-03-09 03:58:55 +03:00
|
|
|
syscallarg(size_t) len;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1998-08-13 06:10:37 +04:00
|
|
|
vaddr_t addr;
|
|
|
|
vsize_t size, pageoff;
|
1998-03-09 03:58:55 +03:00
|
|
|
int error;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* extract syscall args from uap
|
|
|
|
*/
|
|
|
|
|
1998-08-13 06:10:37 +04:00
|
|
|
addr = (vaddr_t)SCARG(uap, addr);
|
|
|
|
size = (vsize_t)SCARG(uap, len);
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* align the address to a page boundary, and adjust the size accordingly
|
|
|
|
*/
|
2001-03-15 09:10:32 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
pageoff = (addr & PAGE_MASK);
|
|
|
|
addr -= pageoff;
|
|
|
|
size += pageoff;
|
2001-03-15 09:10:32 +03:00
|
|
|
size = (vsize_t)round_page(size);
|
1998-03-09 03:58:55 +03:00
|
|
|
|
2007-09-23 20:05:40 +04:00
|
|
|
error = range_test(addr, size, false);
|
|
|
|
if (error)
|
|
|
|
return error;
|
1998-02-05 09:25:08 +03:00
|
|
|
|
2007-02-22 09:05:00 +03:00
|
|
|
error = uvm_map_pageable(&p->p_vmspace->vm_map, addr, addr+size, true,
|
1999-07-18 01:35:49 +04:00
|
|
|
0);
|
2004-12-02 18:23:47 +03:00
|
|
|
if (error == EFAULT)
|
|
|
|
error = ENOMEM;
|
2001-03-15 09:10:32 +03:00
|
|
|
return error;
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
|
|
|
|
1999-06-16 03:27:47 +04:00
|
|
|
/*
|
|
|
|
* sys_mlockall: lock all pages mapped into an address space.
|
|
|
|
*/
|
|
|
|
|
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_mlockall(struct lwp *l, const struct sys_mlockall_args *uap, register_t *retval)
|
1999-06-16 03:27:47 +04:00
|
|
|
{
|
2007-12-21 02:02:38 +03:00
|
|
|
/* {
|
1999-06-16 03:27:47 +04:00
|
|
|
syscallarg(int) flags;
|
2007-12-21 02:02:38 +03:00
|
|
|
} */
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1999-06-16 03:27:47 +04:00
|
|
|
int error, flags;
|
|
|
|
|
|
|
|
flags = SCARG(uap, flags);
|
|
|
|
|
|
|
|
if (flags == 0 ||
|
|
|
|
(flags & ~(MCL_CURRENT|MCL_FUTURE)) != 0)
|
|
|
|
return (EINVAL);
|
|
|
|
|
1999-06-18 09:13:45 +04:00
|
|
|
error = uvm_map_pageable_all(&p->p_vmspace->vm_map, flags,
|
|
|
|
p->p_rlimit[RLIMIT_MEMLOCK].rlim_cur);
|
1999-06-16 03:27:47 +04:00
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_munlockall: unlock all pages mapped into an address space.
|
|
|
|
*/
|
|
|
|
|
|
|
|
int
|
2007-12-21 02:02:38 +03:00
|
|
|
sys_munlockall(struct lwp *l, const void *v, register_t *retval)
|
1999-06-16 03:27:47 +04:00
|
|
|
{
|
2003-01-18 11:51:40 +03:00
|
|
|
struct proc *p = l->l_proc;
|
1999-06-16 03:27:47 +04:00
|
|
|
|
|
|
|
(void) uvm_map_pageable_all(&p->p_vmspace->vm_map, 0, 0);
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
1998-02-05 09:25:08 +03:00
|
|
|
/*
|
|
|
|
* uvm_mmap: internal version of mmap
|
|
|
|
*
|
a whole bunch of changes to improve performance and robustness under load:
- remove special treatment of pager_map mappings in pmaps. this is
required now, since I've removed the globals that expose the address range.
pager_map now uses pmap_kenter_pa() instead of pmap_enter(), so there's
no longer any need to special-case it.
- eliminate struct uvm_vnode by moving its fields into struct vnode.
- rewrite the pageout path. the pager is now responsible for handling the
high-level requests instead of only getting control after a bunch of work
has already been done on its behalf. this will allow us to UBCify LFS,
which needs tighter control over its pages than other filesystems do.
writing a page to disk no longer requires making it read-only, which
allows us to write wired pages without causing all kinds of havoc.
- use a new PG_PAGEOUT flag to indicate that a page should be freed
on behalf of the pagedaemon when it's unlocked. this flag is very similar
to PG_RELEASED, but unlike PG_RELEASED, PG_PAGEOUT can be cleared if the
pageout fails due to eg. an indirect-block buffer being locked.
this allows us to remove the "version" field from struct vm_page,
and together with shrinking "loan_count" from 32 bits to 16,
struct vm_page is now 4 bytes smaller.
- no longer use PG_RELEASED for swap-backed pages. if the page is busy
because it's being paged out, we can't release the swap slot to be
reallocated until that write is complete, but unlike with vnodes we
don't keep a count of in-progress writes so there's no good way to
know when the write is done. instead, when we need to free a busy
swap-backed page, just sleep until we can get it busy ourselves.
- implement a fast-path for extending writes which allows us to avoid
zeroing new pages. this substantially reduces cpu usage.
- encapsulate the data used by the genfs code in a struct genfs_node,
which must be the first element of the filesystem-specific vnode data
for filesystems which use genfs_{get,put}pages().
- eliminate many of the UVM pagerops, since they aren't needed anymore
now that the pager "put" operation is a higher-level operation.
- enhance the genfs code to allow NFS to use the genfs_{get,put}pages
instead of a modified copy.
- clean up struct vnode by removing all the fields that used to be used by
the vfs_cluster.c code (which we don't use anymore with UBC).
- remove kmem_object and mb_object since they were useless.
instead of allocating pages to these objects, we now just allocate
pages with no object. such pages are mapped in the kernel until they
are freed, so we can use the mapping to find the page to free it.
this allows us to remove splvm() protection in several places.
The sum of all these changes improves write throughput on my
decstation 5000/200 to within 1% of the rate of NetBSD 1.5
and reduces the elapsed time for "make release" of a NetBSD 1.5
source tree on my 128MB pc to 10% less than a 1.5 kernel took.
2001-09-16 00:36:31 +04:00
|
|
|
* - used by sys_mmap and various framebuffers
|
|
|
|
* - handle is a vnode pointer or NULL for MAP_ANON
|
1998-02-05 09:25:08 +03:00
|
|
|
* - caller must page-align the file offset
|
|
|
|
*/
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
int
|
2009-03-15 00:04:01 +03:00
|
|
|
uvm_mmap(struct vm_map *map, vaddr_t *addr, vsize_t size, vm_prot_t prot, vm_prot_t maxprot, int flags, void *handle, voff_t foff, vsize_t locklimit)
|
1998-02-05 09:25:08 +03:00
|
|
|
{
|
1998-03-09 03:58:55 +03:00
|
|
|
struct uvm_object *uobj;
|
|
|
|
struct vnode *vp;
|
2003-03-06 03:41:51 +03:00
|
|
|
vaddr_t align = 0;
|
2001-03-15 09:10:32 +03:00
|
|
|
int error;
|
1998-03-09 03:58:55 +03:00
|
|
|
int advice = UVM_ADV_NORMAL;
|
|
|
|
uvm_flag_t uvmflag = 0;
|
2007-02-22 01:59:35 +03:00
|
|
|
bool needwritemap;
|
1998-03-09 03:58:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* check params
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (size == 0)
|
|
|
|
return(0);
|
|
|
|
if (foff & PAGE_MASK)
|
|
|
|
return(EINVAL);
|
|
|
|
if ((prot & maxprot) != prot)
|
|
|
|
return(EINVAL);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* for non-fixed mappings, round off the suggested address.
|
|
|
|
* for fixed mappings, check alignment and zap old mappings.
|
|
|
|
*/
|
|
|
|
|
|
|
|
if ((flags & MAP_FIXED) == 0) {
|
a whole bunch of changes to improve performance and robustness under load:
- remove special treatment of pager_map mappings in pmaps. this is
required now, since I've removed the globals that expose the address range.
pager_map now uses pmap_kenter_pa() instead of pmap_enter(), so there's
no longer any need to special-case it.
- eliminate struct uvm_vnode by moving its fields into struct vnode.
- rewrite the pageout path. the pager is now responsible for handling the
high-level requests instead of only getting control after a bunch of work
has already been done on its behalf. this will allow us to UBCify LFS,
which needs tighter control over its pages than other filesystems do.
writing a page to disk no longer requires making it read-only, which
allows us to write wired pages without causing all kinds of havoc.
- use a new PG_PAGEOUT flag to indicate that a page should be freed
on behalf of the pagedaemon when it's unlocked. this flag is very similar
to PG_RELEASED, but unlike PG_RELEASED, PG_PAGEOUT can be cleared if the
pageout fails due to eg. an indirect-block buffer being locked.
this allows us to remove the "version" field from struct vm_page,
and together with shrinking "loan_count" from 32 bits to 16,
struct vm_page is now 4 bytes smaller.
- no longer use PG_RELEASED for swap-backed pages. if the page is busy
because it's being paged out, we can't release the swap slot to be
reallocated until that write is complete, but unlike with vnodes we
don't keep a count of in-progress writes so there's no good way to
know when the write is done. instead, when we need to free a busy
swap-backed page, just sleep until we can get it busy ourselves.
- implement a fast-path for extending writes which allows us to avoid
zeroing new pages. this substantially reduces cpu usage.
- encapsulate the data used by the genfs code in a struct genfs_node,
which must be the first element of the filesystem-specific vnode data
for filesystems which use genfs_{get,put}pages().
- eliminate many of the UVM pagerops, since they aren't needed anymore
now that the pager "put" operation is a higher-level operation.
- enhance the genfs code to allow NFS to use the genfs_{get,put}pages
instead of a modified copy.
- clean up struct vnode by removing all the fields that used to be used by
the vfs_cluster.c code (which we don't use anymore with UBC).
- remove kmem_object and mb_object since they were useless.
instead of allocating pages to these objects, we now just allocate
pages with no object. such pages are mapped in the kernel until they
are freed, so we can use the mapping to find the page to free it.
this allows us to remove splvm() protection in several places.
The sum of all these changes improves write throughput on my
decstation 5000/200 to within 1% of the rate of NetBSD 1.5
and reduces the elapsed time for "make release" of a NetBSD 1.5
source tree on my 128MB pc to 10% less than a 1.5 kernel took.
2001-09-16 00:36:31 +04:00
|
|
|
*addr = round_page(*addr);
|
1998-03-09 03:58:55 +03:00
|
|
|
} else {
|
|
|
|
if (*addr & PAGE_MASK)
|
|
|
|
return(EINVAL);
|
|
|
|
uvmflag |= UVM_FLAG_FIXED;
|
a whole bunch of changes to improve performance and robustness under load:
- remove special treatment of pager_map mappings in pmaps. this is
required now, since I've removed the globals that expose the address range.
pager_map now uses pmap_kenter_pa() instead of pmap_enter(), so there's
no longer any need to special-case it.
- eliminate struct uvm_vnode by moving its fields into struct vnode.
- rewrite the pageout path. the pager is now responsible for handling the
high-level requests instead of only getting control after a bunch of work
has already been done on its behalf. this will allow us to UBCify LFS,
which needs tighter control over its pages than other filesystems do.
writing a page to disk no longer requires making it read-only, which
allows us to write wired pages without causing all kinds of havoc.
- use a new PG_PAGEOUT flag to indicate that a page should be freed
on behalf of the pagedaemon when it's unlocked. this flag is very similar
to PG_RELEASED, but unlike PG_RELEASED, PG_PAGEOUT can be cleared if the
pageout fails due to eg. an indirect-block buffer being locked.
this allows us to remove the "version" field from struct vm_page,
and together with shrinking "loan_count" from 32 bits to 16,
struct vm_page is now 4 bytes smaller.
- no longer use PG_RELEASED for swap-backed pages. if the page is busy
because it's being paged out, we can't release the swap slot to be
reallocated until that write is complete, but unlike with vnodes we
don't keep a count of in-progress writes so there's no good way to
know when the write is done. instead, when we need to free a busy
swap-backed page, just sleep until we can get it busy ourselves.
- implement a fast-path for extending writes which allows us to avoid
zeroing new pages. this substantially reduces cpu usage.
- encapsulate the data used by the genfs code in a struct genfs_node,
which must be the first element of the filesystem-specific vnode data
for filesystems which use genfs_{get,put}pages().
- eliminate many of the UVM pagerops, since they aren't needed anymore
now that the pager "put" operation is a higher-level operation.
- enhance the genfs code to allow NFS to use the genfs_{get,put}pages
instead of a modified copy.
- clean up struct vnode by removing all the fields that used to be used by
the vfs_cluster.c code (which we don't use anymore with UBC).
- remove kmem_object and mb_object since they were useless.
instead of allocating pages to these objects, we now just allocate
pages with no object. such pages are mapped in the kernel until they
are freed, so we can use the mapping to find the page to free it.
this allows us to remove splvm() protection in several places.
The sum of all these changes improves write throughput on my
decstation 5000/200 to within 1% of the rate of NetBSD 1.5
and reduces the elapsed time for "make release" of a NetBSD 1.5
source tree on my 128MB pc to 10% less than a 1.5 kernel took.
2001-09-16 00:36:31 +04:00
|
|
|
(void) uvm_unmap(map, *addr, *addr + size);
|
1998-03-09 03:58:55 +03:00
|
|
|
}
|
|
|
|
|
2003-03-06 03:41:51 +03:00
|
|
|
/*
|
|
|
|
* Try to see if any requested alignment can even be attemped.
|
|
|
|
* Make sure we can express the alignment (asking for a >= 4GB
|
|
|
|
* alignment on an ILP32 architecure make no sense) and the
|
|
|
|
* alignment is at least for a page sized quanitiy. If the
|
|
|
|
* request was for a fixed mapping, make sure supplied address
|
|
|
|
* adheres to the request alignment.
|
|
|
|
*/
|
|
|
|
align = (flags & MAP_ALIGNMENT_MASK) >> MAP_ALIGNMENT_SHIFT;
|
|
|
|
if (align) {
|
|
|
|
if (align >= sizeof(vaddr_t) * NBBY)
|
|
|
|
return(EINVAL);
|
|
|
|
align = 1L << align;
|
|
|
|
if (align < PAGE_SIZE)
|
|
|
|
return(EINVAL);
|
2005-02-11 05:12:03 +03:00
|
|
|
if (align >= vm_map_max(map))
|
2003-03-06 03:41:51 +03:00
|
|
|
return(ENOMEM);
|
|
|
|
if (flags & MAP_FIXED) {
|
|
|
|
if ((*addr & (align-1)) != 0)
|
|
|
|
return(EINVAL);
|
|
|
|
align = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
- add new RLIMIT_AS (aka RLIMIT_VMEM) resource that limits the total
address space available to processes. this limit exists in most other
modern unix variants, and like most of them, our defaults are unlimited.
remove the old mmap / rlimit.datasize hack.
- adds the VMCMD_STACK flag to all the stack-creation vmcmd callers.
it is currently unused, but was added a few years ago.
- add a pair of new process size values to kinfo_proc2{}. one is the
total size of the process memory map, and the other is the total size
adjusted for unused stack space (since most processes have a lot of
this...)
- patch sh, and csh to notice RLIMIT_AS. (in some cases, the alias
RLIMIT_VMEM was already present and used if availble.)
- patch ps, top and systat to notice the new k_vm_vsize member of
kinfo_proc2{}.
- update irix, svr4, svr4_32, linux and osf1 emulations to support
this information. (freebsd could be done, but that it's best left
as part of the full-update of compat/freebsd.)
this addresses PR 7897. it also gives correct memory usage values,
which have never been entirely correct (since mmap), and have been
very incorrect since jemalloc() was enabled.
tested on i386 and sparc64, build tested on several other platforms.
thanks to many folks for feedback and testing but most espcially
chuq and yamt for critical suggestions that lead to this patch not
having a special ugliness i wasn't happy with anyway :-)
2009-03-29 05:02:48 +04:00
|
|
|
/*
|
|
|
|
* check resource limits
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (!VM_MAP_IS_KERNEL(map) &&
|
|
|
|
(((rlim_t)curproc->p_vmspace->vm_map.size + (rlim_t)size) >
|
|
|
|
curproc->p_rlimit[RLIMIT_AS].rlim_cur))
|
|
|
|
return ENOMEM;
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
|
|
|
* handle anon vs. non-anon mappings. for non-anon mappings attach
|
|
|
|
* to underlying vm object.
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (flags & MAP_ANON) {
|
2006-04-05 23:49:28 +04:00
|
|
|
KASSERT(handle == NULL);
|
1999-11-13 03:24:38 +03:00
|
|
|
foff = UVM_UNKNOWN_OFFSET;
|
1998-03-09 03:58:55 +03:00
|
|
|
uobj = NULL;
|
|
|
|
if ((flags & MAP_SHARED) == 0)
|
|
|
|
/* XXX: defer amap create */
|
|
|
|
uvmflag |= UVM_FLAG_COPYONW;
|
|
|
|
else
|
|
|
|
/* shared: create amap now */
|
|
|
|
uvmflag |= UVM_FLAG_OVERLAY;
|
|
|
|
|
|
|
|
} else {
|
2006-04-05 23:49:28 +04:00
|
|
|
KASSERT(handle != NULL);
|
2001-03-15 09:10:32 +03:00
|
|
|
vp = (struct vnode *)handle;
|
2001-10-30 22:05:26 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Don't allow mmap for EXEC if the file system
|
|
|
|
* is mounted NOEXEC.
|
|
|
|
*/
|
|
|
|
if ((prot & PROT_EXEC) != 0 &&
|
|
|
|
(vp->v_mount->mnt_flag & MNT_NOEXEC) != 0)
|
|
|
|
return (EACCES);
|
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
if (vp->v_type != VCHR) {
|
2007-11-26 22:01:26 +03:00
|
|
|
error = VOP_MMAP(vp, prot, curlwp->l_cred);
|
2001-08-17 09:52:46 +04:00
|
|
|
if (error) {
|
|
|
|
return error;
|
|
|
|
}
|
2007-07-22 23:16:04 +04:00
|
|
|
vref(vp);
|
|
|
|
uobj = &vp->v_uobj;
|
2001-10-30 02:06:03 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the vnode is being mapped with PROT_EXEC,
|
|
|
|
* then mark it as text.
|
|
|
|
*/
|
2007-10-11 00:42:20 +04:00
|
|
|
if (prot & PROT_EXEC) {
|
2001-10-30 18:32:01 +03:00
|
|
|
vn_markexec(vp);
|
2007-10-11 00:42:20 +04:00
|
|
|
}
|
1998-03-09 03:58:55 +03:00
|
|
|
} else {
|
2004-05-19 17:20:27 +04:00
|
|
|
int i = maxprot;
|
|
|
|
|
2001-01-08 04:35:03 +03:00
|
|
|
/*
|
|
|
|
* XXX Some devices don't like to be mapped with
|
2004-05-19 17:20:27 +04:00
|
|
|
* XXX PROT_EXEC or PROT_WRITE, but we don't really
|
|
|
|
* XXX have a better way of handling this, right now
|
2001-01-08 04:35:03 +03:00
|
|
|
*/
|
2004-05-19 17:20:27 +04:00
|
|
|
do {
|
|
|
|
uobj = udv_attach((void *) &vp->v_rdev,
|
|
|
|
(flags & MAP_SHARED) ? i :
|
|
|
|
(i & ~VM_PROT_WRITE), foff, size);
|
|
|
|
i--;
|
|
|
|
} while ((uobj == NULL) && (i > 0));
|
1998-03-09 03:58:55 +03:00
|
|
|
advice = UVM_ADV_RANDOM;
|
|
|
|
}
|
|
|
|
if (uobj == NULL)
|
1998-07-08 03:22:13 +04:00
|
|
|
return((vp->v_type == VREG) ? ENOMEM : EINVAL);
|
2005-07-23 16:18:41 +04:00
|
|
|
if ((flags & MAP_SHARED) == 0) {
|
1998-03-09 03:58:55 +03:00
|
|
|
uvmflag |= UVM_FLAG_COPYONW;
|
2006-10-05 18:48:32 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Set vnode flags to indicate the new kinds of mapping.
|
|
|
|
* We take the vnode lock in exclusive mode here to serialize
|
|
|
|
* with direct I/O.
|
2008-06-02 20:16:27 +04:00
|
|
|
*
|
|
|
|
* Safe to check for these flag values without a lock, as
|
|
|
|
* long as a reference to the vnode is held.
|
2006-10-05 18:48:32 +04:00
|
|
|
*/
|
2007-10-11 00:42:20 +04:00
|
|
|
needwritemap = (vp->v_iflag & VI_WRMAP) == 0 &&
|
2006-10-05 18:48:32 +04:00
|
|
|
(flags & MAP_SHARED) != 0 &&
|
|
|
|
(maxprot & VM_PROT_WRITE) != 0;
|
2008-06-02 20:16:27 +04:00
|
|
|
if ((vp->v_vflag & VV_MAPPED) == 0 || needwritemap) {
|
|
|
|
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
|
2007-10-11 00:42:20 +04:00
|
|
|
vp->v_vflag |= VV_MAPPED;
|
2006-10-05 18:48:32 +04:00
|
|
|
if (needwritemap) {
|
2008-06-02 20:17:12 +04:00
|
|
|
mutex_enter(&vp->v_interlock);
|
2007-10-11 00:42:20 +04:00
|
|
|
vp->v_iflag |= VI_WRMAP;
|
2008-06-02 20:17:12 +04:00
|
|
|
mutex_exit(&vp->v_interlock);
|
2006-10-05 18:48:32 +04:00
|
|
|
}
|
|
|
|
VOP_UNLOCK(vp, 0);
|
2008-06-02 20:16:27 +04:00
|
|
|
}
|
1998-03-09 03:58:55 +03:00
|
|
|
}
|
|
|
|
|
2001-05-25 08:06:11 +04:00
|
|
|
uvmflag = UVM_MAPFLAG(prot, maxprot,
|
1998-02-05 09:25:08 +03:00
|
|
|
(flags & MAP_SHARED) ? UVM_INH_SHARE : UVM_INH_COPY,
|
|
|
|
advice, uvmflag);
|
2003-03-06 03:41:51 +03:00
|
|
|
error = uvm_map(map, addr, size, uobj, foff, align, uvmflag);
|
2001-03-15 09:10:32 +03:00
|
|
|
if (error) {
|
|
|
|
if (uobj)
|
|
|
|
uobj->pgops->pgo_detach(uobj);
|
|
|
|
return error;
|
|
|
|
}
|
1998-02-05 09:25:08 +03:00
|
|
|
|
1998-03-09 03:58:55 +03:00
|
|
|
/*
|
2001-03-15 09:10:32 +03:00
|
|
|
* POSIX 1003.1b -- if our address space was configured
|
|
|
|
* to lock all future mappings, wire the one we just made.
|
2003-10-07 04:17:09 +04:00
|
|
|
*
|
|
|
|
* Also handle the MAP_WIRED flag here.
|
1998-03-09 03:58:55 +03:00
|
|
|
*/
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
if (prot == VM_PROT_NONE) {
|
1998-03-09 03:58:55 +03:00
|
|
|
|
1999-06-18 09:13:45 +04:00
|
|
|
/*
|
2001-03-15 09:10:32 +03:00
|
|
|
* No more work to do in this case.
|
1999-06-18 09:13:45 +04:00
|
|
|
*/
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
return (0);
|
|
|
|
}
|
2003-10-07 04:17:09 +04:00
|
|
|
if ((flags & MAP_WIRED) != 0 || (map->flags & VM_MAP_WIREFUTURE) != 0) {
|
2008-06-04 01:48:27 +04:00
|
|
|
vm_map_lock(map);
|
2005-01-23 18:58:13 +03:00
|
|
|
if (atop(size) + uvmexp.wired > uvmexp.wiredmax ||
|
|
|
|
(locklimit != 0 &&
|
|
|
|
size + ptoa(pmap_wired_count(vm_map_pmap(map))) >
|
|
|
|
locklimit)) {
|
2001-03-15 09:10:32 +03:00
|
|
|
vm_map_unlock(map);
|
|
|
|
uvm_unmap(map, *addr, *addr + size);
|
|
|
|
return ENOMEM;
|
1999-06-18 09:13:45 +04:00
|
|
|
}
|
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
/*
|
|
|
|
* uvm_map_pageable() always returns the map unlocked.
|
|
|
|
*/
|
1999-06-18 09:13:45 +04:00
|
|
|
|
2001-03-15 09:10:32 +03:00
|
|
|
error = uvm_map_pageable(map, *addr, *addr + size,
|
2007-02-22 09:05:00 +03:00
|
|
|
false, UVM_LK_ENTER);
|
2001-03-15 09:10:32 +03:00
|
|
|
if (error) {
|
|
|
|
uvm_unmap(map, *addr, *addr + size);
|
|
|
|
return error;
|
|
|
|
}
|
1999-06-18 09:13:45 +04:00
|
|
|
return (0);
|
|
|
|
}
|
2001-03-15 09:10:32 +03:00
|
|
|
return 0;
|
1998-02-05 09:25:08 +03:00
|
|
|
}
|
2005-03-26 08:12:34 +03:00
|
|
|
|
|
|
|
vaddr_t
|
2006-11-01 13:17:58 +03:00
|
|
|
uvm_default_mapaddr(struct proc *p, vaddr_t base, vsize_t sz)
|
2005-03-26 08:12:34 +03:00
|
|
|
{
|
2006-11-01 13:17:58 +03:00
|
|
|
|
2005-03-26 08:12:34 +03:00
|
|
|
return VM_DEFAULT_ADDRESS(base, sz);
|
|
|
|
}
|